Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1389
Views
0
Helpful
0
Replies

C1921 - One-way Multicast via PPTP VPN

richard-artevea
Level 1
Level 1

‎10-24-2012 07:52 AM - edited ‎03-04-2019 05:57 PM

Got a proprietary voice/data application running on two PCs (Windows XP) that are connected via a private IPv4 backbone that does not pass multicasts. I am aware that the "usual" solution is to use a pair of Cisco routers and set up a GRE Tunnel between them.

One of the sites does have a Cisco router that is under my control, the other is a smaller (outlying) site that has only an Ethernet connection directly to a router in the telecom provider's backbone.

To keep the costs of this site doen I have, instead of installing another router, tried creating a PPTP VPN tunnel using the PPTP client in Windows XP, with the "server" end in the Cisco router (C1921) under my control. But, although unicast communication via the PPTP VPN is fine, multicast (speech) is only heard in one direction (from the main site having the C1921 router out to the outlying site).


I have reproduced the problem in the lab. using a single C1921 router; on my rig the "outlying site" is connected to the Cisco C1921 router via a an old (dumb) Linksys cable router that does not pass multicast.

The PPTP VPN again works fine for unicast, for multicast it works in just the one direction - when the source is in the "main site" directly connected to the C1921 and the receiver is at the "outlying site".

The output of 'show ip mroute' does look a little odd, in that it reports that the multicast packets from the PPTP client are coming in on GigabitEthernet0/0, but does seem to show that they *should* be echoed to the sender and going out on Vlan1 where the listening application PC is connected.

If I send multicast between sources/receivers on two different Ethernet ports of the C1921 (not using the PPTP VPN), the multicast packets flow correctly in both directions and the output of 'show ip mroute' is as expected. So the problem only seems to be occurring when one end is via the PPTP VPN...


Any guidance on what may be wrong (or what I have done wrong) appreciated...


Regards,
Richard


FYI - relevant parts of C1921 configuration (the router I am using has only the IP BASE feature set, so my PPTP VPN is unencrypted). The PC on the outlying site has an IP address of 192.168.40.66, and is connected to port GigabitEthernet0/1,and the local site PC has an IP address of 192.168.50.20, and is connected to one of the ports on a HWIC-4ESW module (under the interface Vlan1)

vpdn enable
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
  protocol pptp
  virtual-template 1

username site2 password 0 test

interface Loopback0
description Software Loopback (OSPF)
ip address 192.168.50.224 255.255.255.255
ip pim sparse-dense-mode

interface Loopback1
description Software Loopback (PIM RP)
ip address 10.0.0.1 255.255.255.255
ip pim sparse-dense-mode

interface GigabitEthernet0/0
description LAN1 - Office LAN
ip address 192.168.0.4 255.255.255.0
ip pim sparse-dense-mode
duplex auto
speed auto
no cdp enable

interface GigabitEthernet0/1
description LAN2 - WAN - GRE/PPTP Tunnels
ip address 192.168.250.2 255.255.255.0
ip pim sparse-dense-mode
duplex auto
speed auto
no cdp enable

interface FastEthernet0/1/0
no ip address

interface FastEthernet0/1/1
no ip address

interface FastEthernet0/1/2
no ip address

interface FastEthernet0/1/3
no ip address

interface Virtual-Template1
ip unnumbered GigabitEthernet0/1
ip pim sparse-dense-mode
peer default ip address pool pptptest
ppp authentication ms-chap ms-chap-v2
!
interface Vlan1
description VLAN1 - Local Site LAN
ip address 192.168.50.1 255.255.255.128
ip pim sparse-dense-mode

ip local pool pptptest 192.168.50.200 192.168.50.206

ip pim rp-address 10.0.0.1

ip route 0.0.0.0 0.0.0.0 192.168.0.1
ip route 192.168.40.0 255.255.255.0 192.168.250.1


And relevant output from 'show ip mroute' while the source on the outlying site is sending and there is known to be at least one receiver (on the LAN connected to the HWIC-4ESW 4-port switch module) joined to the group

(*, 225.100.1.37), 00:00:01/stopped, RP 10.0.0.1, flags: SJC
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    Vlan1, Forward/Sparse-Dense, 00:00:01/00:02:58
    Virtual-Access2.1, Forward/Sparse-Dense, 00:00:01/00:02:58

(192.168.50.201, 225.100.1.37), 00:00:01/00:02:58, flags: JT
  Incoming interface: GigabitEthernet0/0, RPF nbr 192.168.0.1
  Outgoing interface list:
    Virtual-Access2.1, Forward/Sparse-Dense, 00:00:01/00:02:58
    Vlan1, Forward/Sparse-Dense, 00:00:01/00:02:58

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents