5-35
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server
L2TP Network Server
Verifying and Troubleshooting per VRF AAA
To verify and troubleshoot the per VRF AAA feature, enter the following commands in privileged EXEC
mode.
Note
Due to the large output of some of the commands, many events are not displayed on the console. Instead,
the messages are logged to a console log file. To limit the rate that the Cisco 10000 series router logs
system messages, enter the
logging rate-limit
command. For more information, see the
“Troubleshooting and Fault Management Commands in the
Cisco IOS Configuration Fundamentals
Command Reference, Release 12.2
.
Caution
Because debugging output is assigned high priority in the CPU process, it can render the system
unusable. For this reason, use debug commands only to troubleshoot specific problems or during
troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use
debug commands during periods of lower network traffic and fewer users. Debugging during these
periods decreases the likelihood that increased debug command processing overhead will affect system
use.
Step 10
Router(config)#
radius-server attribute
44 include-in-access-req vrf
vrf-name
Sends RADIUS attribute 44 in access request packets before user
authentication and enables the specification on a per VRF basis.
The
vrf
vrf-name
keyword and argument specify the per VRF
configuration.
Step 11
Router(config)#
radius-server
domain-stripping vrf
vrf-name
(Optional) Enables VRF-aware domain-stripping.
The
vrf
vrf-name
keyword and argument specify the per VRF
configuration.
Command
Purpose
Command
Purpose
Router#
show ip route vrf
vrf-name
Displays the IP routing table associated with a VRF.
Router#
debug aaa accounting
Displays information on accountable events as they occur.
Router#
debug aaa authorization
Displays information on AAA authorization.
Router#
debug ppp negotiation
Displays information on traffic and exchanges in an internetwork
implementing PPP.
Router#
debug radius
Displays information associated with RADIUS.
Router#
debug vpdn event
Displays L2TP errors and events that are a part of normal tunnel
establishment or shutdown for VPNs.
Router#
debug vpdn error
Displays debug traces for VPN.