Hi everyone, I'm kind new here and I am having problems with L2TP. My telco provider offers RAS ports via ERICSSON TIGRIS. We've configured a L2TP tunnel from their TIGIRS to my gateway router, a Cisco 3640 via vpdn. All is well, authentication and accounting, but the session timeout does not seem to work. Althought I can see that the Cisco router is accepting the "session-timeout" value from the radius but it doesn't seem to implement it on the tigris. I hope someone can enlighten me. Thanks, Jaime Here is a copy of my radius config.: <Handler Called-Station-ID=8350818> MaxSessions 1 #DbDir ********* AcctLogFileName /var/log/radius/Cards/details WtmpFileName /var/log/radius/Cardusers/%u PasswordLogFileName /var/log/radius/Cardpasswd/%m%d%Y-passlog PreAuthHook file:"hook2xonly" SessionDatabase SDB1 <AuthBy SQL> # Adjust DBSource, DBUsername, DBAuth to suit your DB DBSource dbi:mysql:***** DBUsername **** DBAuth ******** ##### Authentication ########### AuthSelect select password, MAXTIME from SUBSCRIBERS where username='%n' and MAXTIME>30 AuthColumnDef 0, User-Password, check AuthColumnDef 1, Ascend-Maximum-Time, reply AccountingTable ACCOUNTING AccountingStopsOnly AcctColumnDef USERNAME,User-Name AcctColumnDef TIME_STAMP,Timestamp,integer AcctColumnDef A_STAT_TYP,Acct-Status-Type AcctColumnDef A_SES_ID,Acct-Session-Id AcctColumnDef A_SES_TIME,Acct-Session-Time,integer AcctColumnDef A_TERM_CAUSE,Ascend-Disconnect-Cause,integer AcctColumnDef NAS_ID,NAS-IP-Address AcctColumnDef NAS_PORT,NAS-Port,integer AcctColumnDef F_IP_ADD,Framed-IP-Address AcctColumnDef CALLER_ID,Calling-Station-Id AcctColumnDef CALLED_STATION,Called-Station-Id AcctColumnDef 1X,tot1x,integer AcctColumnDef 2X,tot2x,integer AcctColumnDef 3X,tot3x,integer AcctColumnDef TIME_START,time-start,integer AcctSQLStatement **************************** DefaultReply Service-Type=Framed-User, Framed Protocol=PPP, Framed-Routing=None, Framed-MTU=1500 # Framed-IP-Netmask = 255.255.255.0, Framed-Compression = Van-Jacobson-TCP-IP Timeout 4 </AuthBy> </Handler> Here is what I have on my Cisco: aaa new-model aaa authentication login default local aaa authentication ppp default group radius aaa authorization exec default if-authenticated group radius aaa authorization network default if-authenticated group radius aaa accounting network default start-stop group radius aaa accounting system default start-stop group radius ! vpdn enable ! vpdn-group PLDT accept-dialin protocol l2tp virtual-template 1 terminate-from hostname MAKATI_TIGRIS2 lcp renegotiation always l2tp tunnel password 7 ************* ! interface Virtual-Template1 description 300-port Manila RAS ip unnumbered FastEthernet0/1 keepalive 30 peer default ip address pool mnl-ras-pool ppp authentication pap ! === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.