Thanks for you're answer.

I don't think that this will work with german Telekom vdsl, that's why I'm asking for a working config.

Heard something that special tagging is needed for that (Vlan 7)?

Think something like that should be right, but I want to be sure that it is realy working when I'm testing it tomorrow.

--------------------------------------------

interface FastEthernet0
desc WAN to VDSL Modem
sw mode trunk
sw trunk encapsulation dot1q
sw trunk allowed vlan 7

interface Vlan7
description VDSL
no ip address
pppoe enable
pppoe-client dial-pool-number 1

--------------------------------------------

Someone here with a working connection with german Telekom vdsl?

Is that config right?

Thanks again ;-)

I don't think that this will work with german Telekom vdsl, that's why I'm asking for a working config.

It's a config I'm running without problems on the VDSL connection of a customer (no Entertain, pure VDSL) ...

Forgot to mention, the outside interface is configured as access-port:

interface Ethernet0/0

switchport access vlan 2

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Ok, thank you.

Which modem are you using?

I wonder because Allnet has a manual here:

ftp://212.18.29.48/ftp/pub/allnet/vdsl/all126as2/ALL126AS2_T-Online_Konfiguration.pdf

They say that I have to tagg it with vlan7.

Thanks

I looked it up for another customer ...

You are right with the tagging on the WAN-side, it's VLAN7. I assume the Speedport does that by default. For a different customer (where I have access to the modem) the firewall is again configured with an access-port (no tagging), but the modem (which is a Zyxel VMG1312) is configured with a dot1q tag of 7.

So I assume that you can do it both ways:

1) Use an access-port on the ASA and tell the modem to tag the WAN-port (that's how I do it).

2) Configure the ASA with VLAN 7 as a trunk and make sure the modem doesn't strip the dot1q-tag.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Ok, that sounds good.

So my config from above should work?

I will try it tomorrow when I have access to the hardware.

You are using a Speedport 300hs and a Zyxel VMG1312?

You are using a Speedport 300hs and a Zyxel VMG1312?

I assume that are Speedports, but I never touched them because all config was done remotely ... So I can't tell which model it is.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Hi,

I just want to let you know that it worked.

Here is a short overview:

Hardware

Cisco ASA 5505 Security Plus

Allnet all126as2 VDSL Modem connected to asa port ethernet0/6

Config for the Interface and the VLAN:

interface Ethernet0/6

description --- WAN to VDSL Modem ---

switchport trunk allowed vlan 7

switchport mode trunk

interface Vlan7

nameif outside

security-level 0

pppoe client vpdn group dailin

ip address pppoe setroute

The rest was normal PPPoE setup and NAT.

Thanks for your support.

Hi Christian,

I have the same problem.

Telekom VDSL50 (Magenta) ----    Draytec Vigor VDSL Modem (works as Bridge, tagged 7) ---- ASA5506-X.

You said, that you have a config up an running. I don't get Internet accees (assume the Telekom Dial-In specifics like Kennung, Zugangsnummer, Mitbenutzer etc. are wrong set. Could you please provide me with your config.

Many thx in advance 

Peter