04-28-2011 01:58 PM - edited 03-04-2019 12:13 PM
Hi everybody!
I am using ASA 5505 with firmware 8.2(2).
My ISP uses PPPoE as a WAN connection protocol.
There is a problem with getting PPPoE session started on my ASA 5505.
The debug output says that after negotiation of PPP-authentication protocol ASA receives a PADT packet from ISP’s concentrator. To get more information I captured all packets on outside interface with WireShark. Packet-dumps (in .pcap format) are attached in this post.
I have tried all possible combinations of PAP/CHAP/MSCHAP values in “vpdn group MYGROUP ppp authentication” command. If you take a look at the packet-dumps you can see, that in case of “PAP” – ISP’s concentrator rejects negotiation (PAP is not supported by my ISP). In case of CHAP/MSCHAP (that ARE supported by my ISP) – ASA acknowledges the using of MSCHAP v.2 PPP-auth protocol, which is actually not supported by it…
Judging by MAC-addresses of ISP’s concentrators it is visible that Cisco’s equipment also is used.
The questions is: Why ASA acknowledges using of unsupported ppp-auth protocol during negotiation and what I need to do to resolve this issue? (ISP’s support says, that they cannot change PPP-auth protocol negotiation order. Also they says that I need to contact with manufacturer of my equipment).
Thanks for any help and sorry for my English
05-02-2011 12:36 PM
Upd.: ISP's support gave me some information about their PPPoE concentrators:
Cisco IOS Software, IOS-XE Software (X86_64_LINUX_IOSD-ADVENTERPRISEK9-M), Version 15.0(1)S2, RELEASE SOFTWARE (fc1) |
PS: May be this forum - is not the best place to discuss this issue. It is clear, that ASA 5505 has a bug. This bug is in it's PPP-auth neg. phase.. I will be grateful if someone point me the best place to put this post to.
06-25-2011 01:53 AM
UP...
01-02-2012 08:37 AM
The same problem with ASA 5505, PPPoE doesn't work even in 8.4 version, the same symptoms from previous post.
But PPPoE doesn't work only with ASA, with other equipment (cisco routers, other consumer routers) it works fine.
ASA cannot establish PPPoE session with the provider.
By the way the provider name is NETBYNET. http://www.netbynet.ru/
So you should be careful, if you plan to use ASA 5505 with NETBYNET, as the tech support of the provider says that ASA is unsupported to be used in its network.
It is obviously the ASA bug, because on other equipment it works well.
Is it possible to fix this bug or I only need to use TAC, which is the problem, because I don’t have service contract?
11-03-2013 05:53 AM
A previous versions working (asa OS) success?
11-03-2013 05:54 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide