08-16-2018 04:21 AM - edited 03-01-2019 03:11 PM
Hello,
I'm trying to setup a C1841 as LAC and forward pppoe session via L2TP to a C7204 VXR router. It doesn't seem to work. There seems to be no request to setup the L2TP connection. I know that, because i setup an IPSEC tunnel from LAC to LNS and this IPSEC tunnel doesn't come up. The IPSEC tunnel works, because i can ping the destination for my L2TP tunnel (and the IPSEC tunnel comes up). But if i clear the IPSEC tunnel and look, if it comes up, when my PPPoE client tries to initiate a connection, the IPSEC tunnel doesn't come up. My setup is based on the configuration listed on this website:
https://networkbackyard.wordpress.com/2017/04/21/cisco-pppoe-over-l2tp-sample-configuration-lab/
The IOS versions used for this setup are c1841-advipservicesk9-mz.124-24.T8.bin on the LAC and c7200-adventerprisek9-mz.151-4.M3a.bin on the LNS. The part of the configuration for PPPoE and L2TP on the LAC is:
LAC:
vpdn enable
vpdn multihop
vpdn logging
vpdn logging user
no vpdn ip udp ignore checksum
vpdn search-order domain
vpdn domain-delimiter % suffix
!
vpdn-group to-netde
request-dialin
protocol l2tp
domain ilse@vdsl.net.de
initiate-to ip 10.0.0.1 priority 1
source-ip 192.168.22.23
local name ilse-client
l2tp tunnel password mytunnel
!
bba-group pppoe GROUP1
virtual-template 1
!
interface FastEthernet0/0
ip address 192.168.22.23 255.255.255.0
duplex auto
speed auto
crypto map ilse
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group GROUP1
!
interface Virtual-Template1
ip unnumbered FastEthernet0/0
no snmp trap link-status
ppp authentication chap callin
!
... and on the LNS:
LNS:
vpdn-group ilse-test
accept-dialin
protocol l2tp
virtual-template 10
terminate-from hostname ilse-client
source-ip 10.0.0.1
local name bras2.cs.net.de
l2tp tunnel password mytunnel
!
interface Loopback10
ip address 10.0.0.1 255.255.255.255
!
interface Virtual-Template10
description direct internet access via Telekom BSA
mtu 1452
ip unnumbered Loopback0
no ip redirects
ip load-sharing per-packet
no ip route-cache
ip tcp adjust-mss 1408
no logging event link-status
ipv6 unnumbered Loopback0
ipv6 enable
ipv6 rip TELEKOM-BSA enable
ipv6 rip TELEKOM-BSA default-information only
no snmp trap link-status
keepalive 1 1
ppp authentication chap callin PPP
ppp accounting PPP
ppp chap refuse
ppp pap refuse
ppp link reorders
!
In my opinion, the issue is not based on the configuration of the LNC, because i don't see the IPSEC tunnel between 192.168.22.23 and 10.0.0.1 come up (but a ping from LAC to 10.0.0.1 brigs the IPSEC tunnel up), so it seems, that my LAC does not try to initiate a L2TP connection to my LNS. How ca i fix this issue? Any ideas?
09-13-2018 02:18 PM
revisé la config y vi varios errores, pero creo que te servirá más la guía de configuración que señalar los errores, considera que L2TP fue reemplazado por L2TPv3
https://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800a43e9.shtml
L2TPv3
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide