SE作LNS的同时又作PE/CE,呵呵,强!

 #aaa provision binding-order ip-address-attr l2tp-attr

查了手册,丝毫没提忽略radius 返回Tunnel-Server-Endpoint 的属性.

当没有此命令,LNS用户不在本地认证,而在radius端认证,导致LNS不能忽略Tunnel-Server-Endpoint 的

属性,因而数据包发送进入死循环超时.

至于下不下发       Framed-IP-Address, Framed-IP-Netmask  32位主机路由属性倒没什么关系.

[local]SE1#test aaa authentication username test@l2tp password 12345678 pr ra
        Radius authentication test response:
           Server:           138.112.23.123/1812
           Server response:  Accepted.
           ------------------------------
           Attributes list:
           Framed-IP-Address = 1.1.1.1

           Framed-IP-Netmask = 255.255.255.255
           Tunnel-Medium-Type = 1
           Tunnel-Type = 3
           Tunnel-Server-Endpoint = xxx.xxx.xxx.xxx
           ------------------------------
           Send count:       1
           Send time:        Jan 10 18:32:56 2007
           Response time:    Jan 10 18:32:56 2007

Radius下发context name.

        Radius authentication test response:
           Server:           xx.xx.xx.xx/1812
           Server response:  Accepted.
           ------------------------------
           Attributes list:
           Tunnel-Medium-Type = 1
           Tunnel-Type = 3
           Tunnel-Server-Endpoint = xx.xx.xx.x
           Context-Name = iptv
           ------------------------------
           Send count:       1
           Send time:        Jan 10 18:33:22 2007
           Response time:    Jan 10 18:33:22 2007

由于SE默认不接收Radius 返回的context name 因而不能成功拨号.导致619.