HOTSPOT GATEWAY
Appendix B: Addendum 317
L2TP Tunneling
Define RADIUS Service Profiles
Please note: RADIUS service profiles are used to direct username access requests for
both plain RADIUS users and users who supply realm/domain in their username.
Certain RADIUS servers can only be set to interpret tunnel profiles in either prefix or
suffix-mode so a minimum of two RADIUS servers are required if both prefix and
suffix-based usernames are to be handled. What these RADIUS servers will return in
response to a RADIUS access request is the L2TP tunnel parameters that the HSG
will use to establish an L2TP tunnel. See next figure for an example of a RADIUS
service profile.
z Create a RADIUS service profile to a RADIUS server that will handle
Prefix-based users. This is to handle users that will login with a username in
the format type of “ISP/username”. In this case the delimiter is “/” and what
appears before it, “ISP”, is the realm name.
z Create a RADIUS service profile for a RADIUS server that will handle
Suffix-based users. This is to handle users that will login with a username in
the format type of “username@ISP.com”. In this case the delimiter is “@”
and what appears after it, “ISP.com”, is the realm name.
To Next Page
Loading...
