#aaa provision binding-order ip-address-attr l2tp-attr
查了手册,丝毫没提忽略radius 返回Tunnel-Server-Endpoint 的属性.
当没有此命令,LNS用户不在本地认证,而在radius端认证,导致LNS不能忽略Tunnel-Server-Endpoint 的
属性,因而数据包发送进入死循环超时.
至于下不下发 Framed-IP-Address, Framed-IP-Netmask 32位主机路由属性倒没什么关系.
[local]SE1#test aaa authentication username
test@l2tp password 12345678 pr ra
Radius authentication test response:
Server: 138.112.23.123/1812
Server response: Accepted.
------------------------------
Attributes list:
Framed-IP-Address = 1.1.1.1
Framed-IP-Netmask = 255.255.255.255
Tunnel-Medium-Type = 1
Tunnel-Type = 3
Tunnel-Server-Endpoint = xxx.xxx.xxx.xxx
------------------------------
Send count: 1
Send time: Jan 10 18:32:56 2007
Response time: Jan 10 18:32:56 2007
Radius下发context name.
Radius authentication test response:
Server: xx.xx.xx.xx/1812
Server response: Accepted.
------------------------------
Attributes list:
Tunnel-Medium-Type = 1
Tunnel-Type = 3
Tunnel-Server-Endpoint = xx.xx.xx.x
Context-Name = iptv
------------------------------
Send count: 1
Send time: Jan 10 18:33:22 2007
Response time: Jan 10 18:33:22 2007
由于SE默认不接收Radius 返回的context name 因而不能成功拨号.导致619.