Hey everyone,
I just setup successfully a new lns with radius on version: VyOS 1.3.0 Release train: equuleus
The session is successfully established but…
- the IP address of the “client-ip-pool” is not ignored and is sent to the CPE. This configuration line should be normally ignored as the authentication is in mode “radius”.
Hereunder you can find the configuration.
l2tp {
remote-access {
authentication {
mode radius
radius {
server 10.50.201.x {
disable-accounting
key x.X.X.X
}
source-address 10.50.201.x
}
}
ccp-disable
client-ip-pool {
subnet 192.168.201.0/24
}
description BRAS
gateway-address 192.168.201.1
lns {
host-name BRAS01
shared-secret x.X.X.X
}
outside-address x.X.X.X
}
}
Log file :
Client-ip-pool isn’t ignored. Also the public IP address configured for this user in the radius is sent.
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:ar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxxx: recv [IPCP ConfReq id=1 <addr 0.0.0.0> <dns1 0.0.0.0> <dns2 0.0.0.0>]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: send [IPCP ConfReq id=3d <addr 192.168.201.1>]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: send [IPCP ConfRej id=1 <dns1 0.0.0.0> <dns2 0.0.0.0>]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: recv [IPCP ConfAck id=3d <addr 192.168.201.1>]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: recv [IPCP ConfReq id=2 <addr 0.0.0.0>]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: send [IPCP ConfNak id=2 ]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: recv [IPCP ConfReq id=3 ]
Mar 15 14:26:47 BRAS-01 accel-l2tp: ppp1:newbrasvalidation@xxxx: send [IPCP ConfAck id=3]
: send [IPCP ConfAck id=3]
I suspect that it is a bug. Can you please confirm or inform me which actions I need to take to fix this issue ?
Thanks a lot ,
Sib