L2TPv3 with IPSec but the L2TP tunnel not active (xconnect)

Wooyoung
Level 1

Just like the title says, I'm trying to configure it in GNS3... but the L2TP tunnel won't become active or come up. Also, after exiting the xconnect, it shows the error below on both router 1 and router 3:

R3(config-if)# xconnect 10.0.0.1 13 encapsulation l2tpv3 pw-class r3
R3(config-if-xconn)#exit
Xconnect configuration on this circuit is incomplete
R3(config-if)#

Here is my sh run for both router 1 and router 3:
---> Router 1:

R1#sh run
Building configuration...

Current configuration : 1959 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
ip tcp synwait-time 5
pseudowire-class r1
encapsulation l2tpv3
ip local interface Tunnel0
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 5
lifetime 3600
crypto isakmp key secret address 3.3.3.3
!
!
crypto ipsec transform-set TRANS esp-aes 256 esp-sha-hmac
mode tunnel
!
crypto ipsec profile IPSEC
set transform-set TRANS
!
!
interface Loopback1
ip address 1.1.1.1 255.255.255.0
!
interface Tunnel0
ip address 10.0.0.1 255.255.255.0
tunnel source Loopback1
tunnel destination 3.3.3.3
tunnel protection ipsec profile IPSEC
!
interface Ethernet0/0
no ip address
shutdown
duplex auto
!
interface GigabitEthernet0/0
ip address 192.168.10.1 255.255.255.0
media-type gbic
speed 1000
duplex full
negotiation auto
!
interface GigabitEthernet1/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet2/0
ip address 10.10.10.1 255.255.255.0
negotiation auto
xconnect 10.0.0.2 13 encapsulation l2tpv3 pw-class r1
! Incomplete or Invalid Xconnect config
!
interface GigabitEthernet3/0
no ip address
shutdown
negotiation auto
!
interface FastEthernet4/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet4/1
no ip address
shutdown
speed auto
duplex auto
!
!
router eigrp 100
network 1.0.0.0
network 10.0.0.0
network 192.168.0.0
network 192.168.10.0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end

---> Router3:

R3#sh run
Building configuration...

Current configuration : 1981 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
ip tcp synwait-time 5
pseudowire-class r3
encapsulation l2tpv3
ip local interface Tunnel0
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 5
lifetime 3600
crypto isakmp key secret address 1.1.1.1
!
!
crypto ipsec transform-set TRANS esp-aes 256 esp-sha-hmac
mode tunnel
!
crypto ipsec profile IPSEC
set transform-set TRANS
!
!
interface Loopback1
ip address 3.3.3.3 255.255.255.0
!
interface Tunnel0
ip address 10.0.0.2 255.255.255.0
tunnel source Loopback1
tunnel destination 1.1.1.1
tunnel protection ipsec profile IPSEC
!
interface Ethernet0/0
no ip address
shutdown
duplex auto
!
interface GigabitEthernet0/0
no ip address
shutdown
media-type gbic
speed 1000
duplex full
negotiation auto
!
interface GigabitEthernet1/0
ip address 192.168.20.2 255.255.255.0
negotiation auto
!
interface GigabitEthernet2/0
ip address 10.10.13.1 255.255.255.0
negotiation auto
xconnect 10.0.0.1 13 encapsulation l2tpv3 pw-class r3
! Incomplete or Invalid Xconnect config
!
interface GigabitEthernet3/0
no ip address
shutdown
negotiation auto
!
interface FastEthernet4/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet4/1
no ip address
shutdown
speed auto
duplex auto
!
!
router eigrp 100
network 3.0.0.0
network 10.0.0.0
network 192.168.0.0
network 192.168.20.0
network 192.169.20.0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end

1 Reply

Wooyoung
Level 1

My dumb mistake:
both interfaces facing the LAN shouldn't have an IP, so the xconnect will complete.
Also need to configure l2tp-class.

Hope my mistake will help you guys... hehehehe, this is for my FYP.
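
A small lint for the two fixes named in the reply above, as an added example that is not part of the original posts or of any Cisco tooling: it flags an xconnect on an interface that still has an IP address, a missing l2tp-class, and a pseudowire-class whose local interface carries no `tunnel protection ipsec` line. The function names, the sample (trimmed from the posted R3 config) and the third check are assumptions made here, and a section is assumed to end at the next `!` line.

```python
import re

# Constructed sample: trimmed from the R3 configuration posted above
# (sub-commands are flush left, exactly as they appear in the post).
SAMPLE = """\
pseudowire-class r3
ip local interface Tunnel0
!
interface Tunnel0
tunnel protection ipsec profile IPSEC
!
interface GigabitEthernet2/0
ip address 10.10.13.1 255.255.255.0
xconnect 10.0.0.1 13 encapsulation l2tpv3 pw-class r3
!
"""

SECTION = re.compile(r"^(interface|pseudowire-class|l2tp-class)\s+(\S+)")

def parse(config):
    """Group lines into {(kind, name): [sub-commands]}; '!' or a blank line ends a section."""
    sections, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            current = sections.setdefault((m.group(1), m.group(2)), [])
        elif line.startswith("!") or not line:
            current = None
        elif current is not None:
            current.append(line)
    return sections

def lint(config):
    """Return findings for the two fixes in the reply plus the IPsec coverage check."""
    s, findings = parse(config), []
    for (kind, name), cmds in s.items():
        if kind == "interface" and any(c.startswith("xconnect ") for c in cmds):
            if any(c.startswith("ip address ") for c in cmds):
                findings.append(f"{name}: xconnect on an interface that has an ip address")
        for c in cmds if kind == "pseudowire-class" else []:
            m = re.match(r"ip local interface (\S+)", c)
            if m and not any(x.startswith("tunnel protection ipsec")
                             for x in s.get(("interface", m.group(1)), [])):
                findings.append(f"{name}: local interface {m.group(1)} has no tunnel protection ipsec")
    if not any(kind == "l2tp-class" for kind, _ in s):
        findings.append("no l2tp-class defined")
    return findings
```

The third check only looks for `tunnel protection ipsec` on the named interface, so a pseudowire protected some other way would still be reported.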