cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5477
Views
0
Helpful
9
Replies

Cisco ASA 5505 with german Telekom VDSL

Hello,

could someone tell me how to configure an asa 5505 for a pppoe connection with german Telekom VDSL?

The modem is an Allnet all126as2 and has a synced connection to the DSLAM.

IPTV (Entertain) is not needed, only the internet connection should work.

It would be greate if someone could post a working config.

Thanks a lot.

9 Replies 9

Here is what you need after connecting your DSL-modem to the ASA:

interface Vlan2

  nameif outside

  security-level 0

  pppoe client vpdn group VDSL

  ip address pppoe setroute

!

vpdn group VDSL request dialout pppoe

vpdn group VDSL localname YOUR-PPPOE-USERNAME

vpdn group VDSL ppp authentication pap

vpdn username YOUR-PPPOE-USERNAME password YOUR-PPPOE-PASSWORD store-local

More in this example:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080ab7ce9.shtml

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Thanks for you're answer.

I don't think that this will work with german Telekom vdsl, that's why I'm asking for a working config.

Heard something that special tagging is needed for that (Vlan 7)?

Think something like that should be right, but I want to be sure that it is realy working when I'm testing it tomorrow.

--------------------------------------------

interface FastEthernet0
desc WAN to VDSL Modem
sw mode trunk
sw trunk encapsulation dot1q
sw trunk allowed vlan 7

interface Vlan7
description VDSL
no ip address
pppoe enable
pppoe-client dial-pool-number 1

--------------------------------------------

Someone here with a working connection with german Telekom vdsl?

Is that config right?

Thanks again ;-)

I don't think that this will work with german Telekom vdsl, that's why I'm asking for a working config.

It's a config I'm running without problems on the VDSL connection of a customer (no Entertain, pure VDSL) ...

Forgot to mention, the outside interface is configured as access-port:

interface Ethernet0/0

switchport access vlan 2

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Ok, thank you.

Which modem are you using?

I wonder because Allnet has a manual here:

ftp://212.18.29.48/ftp/pub/allnet/vdsl/all126as2/ALL126AS2_T-Online_Konfiguration.pdf

They say that I have to tagg it with vlan7.

Thanks

I looked it up for another customer ...

You are right with the tagging on the WAN-side, it's VLAN7. I assume the Speedport does that by default. For a different customer (where I have access to the modem) the firewall is again configured with an access-port (no tagging), but the modem (which is a Zyxel VMG1312) is configured with a dot1q tag of 7.

So I assume that you can do it both ways:

1) Use an access-port on the ASA and tell the modem to tag the WAN-port (that's how I do it).

2) Configure the ASA with VLAN 7 as a trunk and make sure the modem doesn't strip the dot1q-tag.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Ok, that sounds good.

So my config from above should work?

I will try it tomorrow when I have access to the hardware.

You are using a Speedport 300hs and a Zyxel VMG1312?


You are using a Speedport 300hs and a Zyxel VMG1312?

I assume that are Speedports, but I never touched them because all config was done remotely ... So I can't tell which model it is.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Hi,

I just want to let you know that it worked.

Here is a short overview:

Hardware

Cisco ASA 5505 Security Plus

Allnet all126as2 VDSL Modem connected to asa port ethernet0/6


Config for the Interface and the VLAN:

interface Ethernet0/6

description --- WAN to VDSL Modem ---

switchport trunk allowed vlan 7

switchport mode trunk


interface Vlan7

nameif outside

security-level 0

pppoe client vpdn group dailin

ip address pppoe setroute

The rest was normal PPPoE setup and NAT.

Thanks for your support.

Hi Christian,

 

I have the same problem.

 

Telekom VDSL50 (Magenta) ----    Draytec Vigor VDSL Modem (works as Bridge, tagged 7) ---- ASA5506-X.

 

You said, that you have a config up an running. I don't get Internet accees (assume the Telekom Dial-In specifics like Kennung, Zugangsnummer, Mitbenutzer etc. are wrong set. Could you please provide me with your config.

Many thx in advance 

 

Peter

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco