First off, here is my config so far. http://pastebin.com/fV2NGCE2
I've gone through a few guides online and the 15.2s manual and the xe3 manual for Cisco's ISG (intelligent services gateway) and understand what I want to obtain from using it, but I can't for the life of me figure out what to actually apply to the router.
Internet <----GE0/1----> 7206VXR <----GE0/3----> Clients
|
|
freeRADIUS
The idea is that the internet connection comes in through GE0/1 and the clients will all be using pppoe to connect via layer2 to the GE0/3 using a Virtual-Template1 for their pppoe stuff and aaa via radius with freeRADIUS. That all works. But now I want to make it so that unless the pppoe connection is connected and logged in successfully, the clients will still get layer 3 network access but only to 10.0.1.2. When they connect successfully and login, then they'll be allow to the internet with the layer 3.
Right now, they get an IP from the DHCP server running on the router and it connects them to the internet. I want to modify that so that ISG not only influences the address they get, but only allows them to the 10.0.1.2 address until they login using the pppoe connection.
Any ideas? Has anyone set this up before?
