Information Technology Reference
In-Depth Information
Virtual Profiles
Virtual Profiles is a unique Point-to-Point Protocol (PPP) application that can create and configure a
virtual access interface dynamically when a dial-in call is received, and can tear down the interface
dynamically when the call ends. Virtual Profiles works with straightforward PPP and with multilink PPP
(MLP).
The configuration information for a Virtual Profiles virtual access interface can come from a virtual
template interface or from user-specific configuration stored on an authentication, authorization, and
accounting (AAA) server, or both.
The user-specific AAA configuration used by Virtual Profiles is interface configuration and is
downloaded during LCP negotiations. Another feature, called per-user configuration, also uses
configuration information gained from a AAA server. However, per-user configuration uses network
configuration (such as access lists and route filters) downloaded during NCP negotiations.
Two rules govern virtual access interface configuration by Virtual Profiles virtual template interfaces and
AAA configurations:
Each virtual access application can have at most one template to clone from, but can have multiple
AAA configurations to clone from (Virtual Profiles AAA information and AAA per-user
configuration, which in turn might include configuration for multiple protocols).
When Virtual Profiles is configured by virtual template, its template has higher priority than any
other virtual template.
This feature runs on all Cisco IOS platforms that support MLP.
For a complete description of the commands mentioned in this section, refer to the “Virtual Profiles
Commands” chapter in the Dial Solutions Command Reference in the Cisco IOS documentation set. To
locate documentation of other commands that appear in this chapter, you can use the command reference
master index or search online.
Background Information
This section presents background information about Virtual Profiles to help you understand this
application before you start to configure it.
Restrictions —We recommend that unnumbered addresses be used in virtual template interfaces to
ensure that duplicate network addresses are not created on virtual access interfaces.
Prerequisites —Use of user-specific AAA interface configuration information with Virtual Profiles
requires the router to be configured for AAA and requires the AAA server to have user-specific
interface configuration AV pairs. The relevant AV pairs (on a RADIUS server) begin as follows:
cisco-avpair = “lcp:interface-config=...”,
The information that follows the equals sign (=), could be any Cisco IOS interface configuration
command. For example, the line might be the following:
cisco-avpair = “lcp:interface-config=ip address 200.200.200.200 255.255.255.0”,
Use of a virtual template interface with Virtual Profiles requires a virtual template to be defined
specifically for Virtual Profiles.
Interoperability with other Cisco dial features — The Cisco IOS Virtual Profiles feature
interoperates with Cisco DDR, multilink PPP (MLP), and dialers such as ISDN.
Search WWH ::




Custom Search