Download FireBrick FB2500 User Manual

Internet Service Providers
This can the select specific RADIUS servers to use at the ISP for authorising the connection (though typically
a single set of RADIUS servers is used for all connections). It can also specify defaults for DNS, PPP endpoint
addresses and so on.
18.8.5. ISP RADIUS
Once the L2TP connection arrives you can use RADIUS in your own network to control the connection,
accepting it or rejecting it, and defining IP addressing, DNS, traffic speeds, routing table, and much more.
Appendix F provides details of the specific AVPs used with RADIUS for L2TP.
You would normally have more than one RADIUS server. You can set these in a priority order, a set of main
servers and a set of backup. The FB2500 will find a config line for RADIUS based on the named RADIUS
server in the L2TP incoming configuration, or pick any if this is not set. It checks these in order. Each RADIUS
configuration can have multiple servers. Only if all of the services in a configuration entry are blacklisted will
later configuration entries be considered.
Having picked a RADIUS configuration entry, the servers listed are considered based on their previous response
time and reliability. The requests are then sent to serves in order, allowing enough time for a response based
on previous performance. There are settings to fine tune these timings. Once a response is received then the
L2TP connection can proceed.
The same process is followed for RADIUS accounting. Each config can say if it is used for authentication or
accounting or both.
108
www.voipon.co.uk [email protected] Tel: +44 (0)1245 808195 Fax: +44 (0)1245 808299