The Access-Accept response means that the subscriber is authorized, the balance is sufficient, and he is assigned an IP address. Attributes:

• Framed-IP-Address - is mandatory one: the IP address assigned to the subscriber.
• Idle-Timeout - is optional one: idle timeout, in seconds. The PPPoE session will be terminated if there is no packets being transferred from/to the subscriber during this time. If this attribute is not specified, the session is considered to be unlimited (until it is explicitly terminated by the subscriber)
• Reply-Message - is optional one: message to be sent to the subscriber in the PPP Auth-Ack response
• Session-Timeout - is optional one: max session lifetime, in seconds
• Acct-Interim-Interval - is optional one: the period the accounting intermediate data to be sent, in seconds (can not be less than 60). 0 - do not send accounting intermediate data.
• Class - is optional one: if this attribute is specified then it will be sent "as is" in all the accounting packets
• MS-CHAP2-Success - Microsoft VSA attribute [RFC2548], is mandatory for the MS-CHAPv2 authorization

Поддерживаются следующие VSA-атрибуты Microsoft (vendor-id=311, RFC2548), все они не являются обязательными:

• MS-Primary-DNS-Server - the IP address of the primary DNS server
• MS-Secondary-DNS-Server - the IP address of the secondary DNS server
• MS-Primary-NBNS-Server - the IP address of the primary NetBios server
• MS-Secondary-NBNS-Server - the IP address of the secondary NetBios server

VASExperts VSA attributes (vendor-id=43823) are not mandatory:

[41] VASExperts-DHCP-DNS - the IP address of the DNS server. There can be no more than two VASExperts-DHCP-DNS attributes: one for the primary DNS server and one for the secondary one.

DNS server addresses can be specified through Microsoft VSA-attributes or VASExperts VSA-attributes.

In addition to the mentioned above attributes, Access-Accept must contain a subscriber policing profile and the activated services list, see subscriber properties attrubutes

If the response doesn't contain the Session-Timeout attribute, the PPPoE session is considered to be unlimited and will be terminated either by explicit disconnection performed by subscriber or due to inactivity timeout being exceeded.

If the Session-Timeout is specified, then the VAS Experts DPI will break the PPPoE session after the expiry of a prescribed period. The PPPoE session break is clearly described in the PPP/PPPoE specifications and consists in sending special term messages to the subscriber; the subscriber, having received term, can create a new PPPoE-session.