The following is an example of a configuration to enable HLE in the system with implicit home authentication.
Configure the vRGW BRG.
Enable HLE in the base routing instance:
config>router>vrgw# info
----------------------------------------------
lanext
vxlan-vtep-range start 198.51.100.235 end 198.51.100.245
wlan-gw-group 1
no shutdown
exit
----------------------------------------------
Configure the HLE EVPN route target number:
config>subscr-mgmt>vrgw>lanext# info
----------------------------------------------
router-target-as-number 100
----------------------------------------------
Configure the maximum number of BDs under the group interface:
config>service>vprn>sub-if>grp-if>wlan-gw
max-lanext-bd 100
Configure BGP in the base routing instance:
config>router>bgp# info
----------------------------------------------
group "evpn"
family evpn
type internal
neighbor 2.2.2.2
exit
exit
no shutdown
----------------------------------------------
Configure HLE under the VLAN range:
config>service>vprn>sub-if>grp-if>wlan-gw>ranges>range# info
----------------------------------------------
authentication
authentication-policy "isa-rad"
exit
authenticate-on-dhcp
vrgw
brg
default-brg-profile "brgp-1"
no shutdown
exit
lanext
assistive-address-resolution
bd-mac-prefix AA:BB:CC
mac-translation
no shutdown
exit
exit
----------------------------------------------
Provision the RADIUS server to include Alc-Bridge-Id in the host and BRG records.