Choose Manage→Service→Services from the NFM-P main menu. The Manage Services form opens.

Select a VPLS in the list and click Properties. The VPLS Service (Edit) form opens.

In the navigation tree, expand Sites→site_n→Access Interfaces.

Right-click on the Access Interfaces icon and choose Create VPLS L2 Access Interface, or right-click an existing access interface object and choose Properties. The VPLS L2 Access Interface (Create|Edit) form opens.

1. Set the SAP Sub Type parameter to Capture. The form displays a different array of tabs and panels.

2. Configure the Description and Administrative State parameters.

3. Select a host lockout policy, if required.

4. Select a subscriber authentication policy, if required.

Click on the Port tab.

1. Select a terminating port for the capture SAP.

2. Configure the encapsulation values for the SAP, if required. The encapsulation type of the terminating port determines the encapsulation values that are available. The table below describes the encapsulation values for each encapsulation type.

   The capture SAP is used if a more specific match for the dot1q or QinQ tags is not found.

   Some providers use QinQ encapsulation to represent a service.sub or sub.service SAP. When configured, the full QinQ represents a subscriber.

Table 74-4: Encapsulation types

Click on the ACL tab to select an ACL filter.

Click on the QoS tab to specify an ingress or egress queue group policy.

1. Select an NE DoS protection policy.

2. Configure the MAC Monitoring parameter OR the Ethernet CFM Monitor Flags parameter.

3. Select a DDoS protection policy.

If the capture SAP is an ATM SAP, click on the ATM tab.

1. Configure the AAL5 Encapsulation parameter.

2. Click on the VC Ranges tab.

3. Click Create or select an existing ATM configuration and click Properties. The ATM Configuration (Create|Edit) form opens.

4. Configure the required parameters.

5. Save your changes and close the form.

Click on the Capture Access Interface tab.

1. Enable the Allow Dot1Q MSAPs parameter, if required. This parameter can only be configured when the terminating port for the capture SAP is configured for QinQ encapsulation.

2. Select one or more of the following parameters on the Trigger Packet panel to specify the types of packets that will trigger RADIUS authentication:

   • DHCPv4

   • PPP

   • PPPoE

   • ARP

   • DHCPv6

   • Data

   The PPPoE parameter is selectable only on an ATM SAP. The ARP, DHCPv4, and DHCPv6 parameters are selectable only on a non-ATM SAP.

3. Select a MSAP policy in the MSAP Defaults panel.

4. Select or manually type an MSAP Service ID.

5. Select or manually type an MSAP Group Interface Name.

6. Select a PPP policy in the PPP panel, if required.

   A PPP policy is configurable only on an ATM SAP.

7. Select a PPP policy in the PPPoE panel, if required.

8. Select a local user database for the following protocols, as required:

   • PPP

   • PPPoE

   • DHCPv4

   • DHCPv6

   A PPP local user database is selectable on only an ATM SAP.

   A DHCPv4 or DHCPv6 local user database is selectable on only a non-ATM SAP.

9. Select a python policy for the following protocols, as required:

   • PPPoE

   • DHCPv4

   • DHCPv6

10. Select an SRRP instance in the Redundancy panel.

11. Select a diameter authentication policy.

12. If the capture SAP is to be used for data-triggered authentication in a dynamic services configuration, select a dynamic service policy and configure its administrative state.

If the capture SAP is to be used to instantiate IPoE sessions, click on the IPoE Session tab.

1. Configure the Administrative State and Description parameters.

   The Administrative State parameter must be set to Disabled before IPoE session policy and local user database configurations can be changed.

2. Select an IPoE session policy.

3. Select a local user database.

Save your changes and close the forms.

End of steps