VRF support for L2TP remote-access sessions

I’d like to propose the vpn remote-access to VRF support so that you could specify the exact VRF name and ppp unnumbered interface for the incoming session on the LNS.
This is usually possible with Cisco (or other vendor) VSA received from radius:
Cisco-AVPair = “ip:vrf-id=client”
Cisco-AVPair = “ip:ip-unnumbered=dum2”
This allows subscribers’ access to the enterprise resources. Actually the case is in a great demand among mobile access providers for example.

This is really great request, thanks a lot


It’ll be very useful!!!

if you are able to describe the steps and settings , you can create a task with this feature request :


if it’s possible to do it , our develop team will try to do it.

1 Like

Sure it’s possible. The registration on phabricator needs administrator approval though. I used the same name as here.

Dear all
After consulting with accel-ppp developers we came to understanding that VRF support is already working here in vyos. At least i tested this in rolling release of sagitta. Here is a link to accel-ppp documentation related to VRF support:


Thanks everyone for support.