I'm trying to setup a C1841 as LAC and forward pppoe session via L2TP to a C7204 VXR router. It doesn't seem to work. There seems to be no request to setup the L2TP connection. I know that, because i setup an IPSEC tunnel from LAC to LNS and this IPSEC tunnel doesn't come up. The IPSEC tunnel works, because i can ping the destination for my L2TP tunnel (and the IPSEC tunnel comes up). But if i clear the IPSEC tunnel and look, if it comes up, when my PPPoE client tries to initiate a connection, the IPSEC tunnel doesn't come up. My setup is based on the configuration listed on this website:
The IOS versions used for this setup are c1841-advipservicesk9-mz.124-24.T8.bin on the LAC and c7200-adventerprisek9-mz.151-4.M3a.bin on the LNS. The part of the configuration for PPPoE and L2TP on the LAC is:
vpdn enable vpdn multihop vpdn logging vpdn logging user no vpdn ip udp ignore checksum vpdn search-order domain vpdn domain-delimiter % suffix
vpdn-group to-netde request-dialin protocol l2tp domain firstname.lastname@example.org initiate-to ip 10.0.0.1 priority 1 source-ip 192.168.22.23 local name ilse-client l2tp tunnel password mytunnel !
bba-group pppoe GROUP1 virtual-template 1 !
interface FastEthernet0/0 ip address 192.168.22.23 255.255.255.0 duplex auto speed auto crypto map ilse ! interface FastEthernet0/1 no ip address duplex auto speed auto pppoe enable group GROUP1 !
interface Virtual-Template1 ip unnumbered FastEthernet0/0 no snmp trap link-status ppp authentication chap callin !
... and on the LNS:
vpdn-group ilse-test accept-dialin protocol l2tp virtual-template 10 terminate-from hostname ilse-client source-ip 10.0.0.1 local name bras2.cs.net.de l2tp tunnel password mytunnel !
interface Loopback10 ip address 10.0.0.1 255.255.255.255
interface Virtual-Template10 description direct internet access via Telekom BSA mtu 1452 ip unnumbered Loopback0 no ip redirects ip load-sharing per-packet no ip route-cache ip tcp adjust-mss 1408 no logging event link-status ipv6 unnumbered Loopback0 ipv6 enable ipv6 rip TELEKOM-BSA enable ipv6 rip TELEKOM-BSA default-information only no snmp trap link-status keepalive 1 1 ppp authentication chap callin PPP ppp accounting PPP ppp chap refuse ppp pap refuse ppp link reorders !
In my opinion, the issue is not based on the configuration of the LNC, because i don't see the IPSEC tunnel between 192.168.22.23 and 10.0.0.1 come up (but a ping from LAC to 10.0.0.1 brigs the IPSEC tunnel up), so it seems, that my LAC does not try to initiate a L2TP connection to my LNS. How ca i fix this issue? Any ideas?
Crosswork Cloud - Crosswork Traffic Analysis - FAQ
Crosswork Cloud - Crosswork Traffic Analysis is a Cloud-hosted Software as a Service platform that provides Netflow based Traffic Analytics. The Crosswork Traffic Analysis platform Traffic Analysis, Peeri...
Cisco Champion Radio · S8|E9 Innovations to Achieve a Trustworthy Infrastructure
How do you know for certain that a router in your network has not been altered with since you deployed it? Wouldn’t it be great if you can cryptographically challenge your r...
IOS upgrade on asr9xx mandates rommon upgrades sometimes while they can be optional at other times. You may land up in unwanted situation if proper procedure is not followed during upgrades.
This article will include complete details about rommon ...
In some situation NCS560 RP become unresponsive after reload or powercycle.
In many NCS560 deployments are in remote location, deployment might be large and human intervention should be kept at minimum
Engineering team have been working on a str...
In simple terms, 'Route Churn' is defined as the 'rate of change of prefixes'. Different XR versions across 4.x to 7.x have differing behavior & support for the BGP churn handling and some enhancements made from 6.5.3 onwards (listed in appendix) mak...