10-17-2003 12:22 PM - edited 02-20-2020 11:02 PM
Hello to all,
I'm putting in a 501 for a customer and I thought I had the config installed correctly. All we are doing is connecting our dsl service (via pppoe) from SBC to the PIX. It's working fine with the Linxsys router in place.
When I put the PIX into the network connecting directly to the modem and to a switch inside the network,I can see the tunnel when doing a show vpdn but I get a LCP error. I called SBC and they confirmed that I should use PAP for the ppp auth. Anyone have any suggestions re the LCP error? thanks!!
PIX Version 6.2(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password
passwd encrypted
hostname xyz
domain-name xyz.com
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol ils 389
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protoco
fixup protocol skinny 2000
names
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500 <--do I need to change to 1492?
mtu inside 1500 <--do I need to change to 1492?
ip address outside pppoe setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 si
p 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
no sysopt route dnat
telnet timeout 5
ssh timeout 5
vpdn group xyz request dialout pppoe
vpdn group xyz localname xxx@sbcglobal.net
vpdn group xyz ppp authentication pap
vpdn username xxx@sbcglobal.net password *********
dhcpd address 192.168.1.100-192.168.1.109 inside
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd domain xyz.com
dhcpd enable inside
terminal width 80
10-18-2003 12:56 AM
Hi Steve,
Have a read of the following document for your question on Link Control Protocol (LCP):
http://www.cisco.com/warp/public/110/pppoe-for-pix501.html
Hope this helps - Thanks, Jay
10-20-2003 07:39 AM
Try removing the PAP authentication. I had a similar problem with PPPOE/DSL last week. Took off PAP and everything worked fine.
10-20-2003 07:40 AM
By the way, I have nothing to do with SBC DSL services. Again, I saw same issue with another DSL provider.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide