cisco vpdn l2tp no ping local ip interface

zsmo2372 · ‎07-22-2022

i try to make vpn l2tp on cisco

the connection is so good and it is login on my laptop

but on i try to ping this interface GigabitEthernet0/0/1 my ping is timeout

Current configuration : 2685 bytes
!
! Last configuration change at 00:12:15 AST Wed Jul 20 2022
!
version 16.8
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname router1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000
enable secret 5 *******************************
enable password 7 *******************************
!
aaa new-model
!
!
aaa authentication login telnet local
aaa authentication ppp default local
aaa authorization network default local
!
!
!
!
!
!
aaa session-id common
clock timezone AST 3 0
!
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.110 192.168.1.160
ip dhcp excluded-address 192.168.1.230
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 212.43.18.22 95.66.18.22
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group SUP
! Default L2TP VPDN group
! Default PPTP VPDN group
accept-dialin
protocol any
virtual-template 8
no l2tp tunnel authentication
!
!
!
!
!
!
license udi pid ISR4221/K9 sn FGL2416LVKH
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
!
username ******************************* privilege 15 password 7 *******************************
!
redundancy
mode none
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.900
description WAN-Internet
encapsulation dot1Q 900
ip address 172.17.77.174 255.255.255.252
ip nat outside
!
interface GigabitEthernet0/0/1
description LAN-Internet
ip address 192.168.1.1 255.255.255.0 secondary
ip address 31.214.xxx.xxx 255.255.255.248 >> remote ip
ip nat inside
negotiation auto
ip virtual-reassembly
!
interface Virtual-Template8
ip unnumbered GigabitEthernet0/0/1
ip nat inside
peer default ip address pool mvpnco
no keepalive
ppp authentication ms-chap-v2
ip virtual-reassembly
!
ip local pool mvpnco 192.168.1.109 192.168.1.120
ip nat pool LAN 31.214.xxx.xxx 31.214.xxx.xxx prefix-length 29
ip nat inside source static 192.168.1.10 31.214.23.146 extendable
ip nat inside source list 1 pool LAN overload
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.17.77.173 name Internet
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
line con 0
password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
transport input none
stopbits 1
line vty 0 4
password 7 13061E010803
transport input all
!
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

Georg Pauwen · ‎07-23-2022

Hello,

which IP address are you trying to ping, from which source IP address ?

zsmo2372 · ‎07-24-2022

like interfaces ips linke 192.168.1.1 or 172.17.77.174

MHM Cisco World · ‎07-24-2022

Are this router is LNS ?

zsmo2372 · ‎07-24-2022

it is connected to wan

zsmo2372 · ‎07-24-2022

I noticed something crazy that I hadn't noticed before

on i use this command

show ip int brife

interface Virtual-Template8 is down

down status and down protocole

MHM Cisco World · ‎07-24-2022

that normal Virtual-template always Down,

config LO and assign IP
then ping this LO

one more point
print route
ipconfig
in client PC and check if the client get IP from VPDN router