Re: Configure L2TP On Router using Sub interface

alibahrian110 · ‎03-07-2018

Hi There,

I have 2x2800 routers with NME-16ES-1G-P - 16-port 10/100 Cisco EtherSwitch Service Module installed in it.

I created L2tp tunnel using Physical interfaces on the routers. It works fine. laptops could ping each other.

Now I Want to create a L2TPtunnel from the router sub interface to another router physical interface.

Following config I applied. Tunnel comes up but the two laptops cant ping.

Following is the Config

Service Module-1

===============

Int fa 1/0/1

Desc laptop-1 having IP 172.16.0.1 255.255.0.0 is connected on this port.

Sw acc vlan 1

Int gi 1/0/2

Desc Internal Dot1q Trunk

sw mode tr

sw trun en dot1q

==========

On Router-1

========

L2tp-class l2tpclass11

pseudowire-class pseudoclass11

encap l2tpv3

internetworking ethernet

protocol l2tpv3 l2tpclass11

ip local interface loopback 0

Int loopback 0

ip add 10.1.1.1 255.255.255.255

int gi 0/0

Desc Directly connected to Router-2 on port gi 0/0

ip add 10.0.0.1 255.0.0.0

Inter gi 2/0

Desc Trunk to Switch Module

ip add 192.168.0.1 255.255.255.0

Inter gi 2/0.1

xconnect 10.2.2.2 22 encap l2tpv3 pw-class pseudoclass11

=========================================================

Service Module-2

===============

Int fa 1/0/1

Desc laptop-2 having IP 172.16.0.2 255.255.0.0 is connected on this port.

Sw acc vlan 1

Int gi 1/0/2

Desc Internal Dot1q Trunk

sw mode tr

sw trun en dot1q

==========

On Router-2

========

L2tp-class l2tpclass11

pseudowire-class pseudoclass11

encap l2tpv3

internetworking ethernet

protocol l2tpv3 l2tpclass11

ip local interface loopback 0

Int loopback 0

ip add 10.2.2.2 255.255.255.255

int gi 0/0

Desc Directly connected to Router-1 on port gi 0/0

ip add 10.0.0.2 255.0.0.0

Inter gi 2/0

Desc Trunk to Switch Module

ip add 192.168.0.1 255.255.255.0

Inter gi 2/0.1

xconnect 10.1.1.1 22 encap l2tpv3 pw-class pseudoclass11

OSPF is running so all the routng is in place. Router 1 can ping router 2 loopback and other IP address.

L2TP tunnel comes up straight away but Laptop-1 cant ping laptop2 and vice versa.

Any sggestion whats wrong in the config.

Julio E. Moisa · ‎03-07-2018

Hi

If you are going to use L2TP with Sub-interfaces, everything needs to be configured with sub-interfaces including the CE routers, otherwise the L2VPN will be up but not traffic transit through, You can verify the following example:

PE01

pseudowire-class L2VPN
encapsulation l2tpv3
ip local interface Loopback0

interface GigabitEthernet0/0
no ip address
negotiation auto
no keepalive
!
interface GigabitEthernet0/0.100
encapsulation dot1Q 100
xconnect 2.2.2.2 100 encapsulation l2tpv3 pw-class L2VPN

PE02

pseudowire-class L2VPN
encapsulation l2tpv3
ip local interface Loopback0

interface GigabitEthernet0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0.100
encapsulation dot1Q 100
xconnect 1.1.1.1 100 encapsulation l2tpv3 pw-class L2VPN

CLIENT ROUTER01

interface G0/0
no ip address
!
interface G0/0.100
encapsulation dot1Q 100
ip address 192.168.100.1 255.255.255.0

CLIENT ROUTER02

interface G0/0
no ip address
!
interface G0/0.100
encapsulation dot1Q 100
ip address 192.168.100.2 255.255.255.0

If you are using Trunk on the client routers remember to allow the VLAN associated to the L2VPN.

Hope it is useful

:-)

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

alibahrian110 · ‎03-07-2018

Hi Julio.

thanks for the suggestion however it didn’t work. I changed my config to adopt ur suggestion that all the connectivity should be based on sub interfaces.

So so I changed the interfaces on my both the router to subinterface i.e. changed the following for router 1

int gi0/0

no ip add

int gi0/0.1

encap dot1q 1

! For router 1

ip address 10.0.0.1 255.0.0.0

for router 2

int gi0/0
no ip add
int gi0/0.1
encap dot1q 1
! For router 1
ip address 10.0.0.2 255.0.0.0

rest of the config were the same. But no luck. I made sure that I was using only vlan 1 through the config n sub interface.

Can u suggest what is wrong now

thanks is advance.

Julio E. Moisa · ‎03-08-2018

Hi

is possible to share the config of the all devices involved on this L2VPN?

Thank you in advance.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

alibahrian110 · ‎03-08-2018

HI Julio,

I have Two routers directly connected with each other using port gi0/0.

Both routers have 16 port switch module connected within the router chassis.

Diagram of this topology is attached in my first post. Please have a look at it as well. That diagram will tell you the topology I m using and

as requested, following is the config on two routers.

Switch Service Module-1
===============
Int fa 1/0/1
Desc laptop-1 having IP 172.16.0.1 255.255.0.0 is connected on this port.
Sw acc vlan 1
Int gi 1/0/2
Desc Internal Dot1q Trunk
sw mode tr
sw trun en dot1q
==========
On Router-1
========
L2tp-class l2tpclass11

pseudowire-class pseudoclass11
encap l2tpv3
internetworking ethernet
protocol l2tpv3 l2tpclass11
ip local interface loopback 0

Int loopback 0
ip add 10.1.1.1 255.255.255.255

int gi 0/0
Desc Directly connected to Router-2 on port gi 0/0

No ip address

Int gi0/0.1
Encap dot1q 1
ip add 10.0.0.1 255.0.0.0

Inter gi 2/0
Desc Trunk to Switch Module
ip add 192.168.0.1 255.255.255.0

Inter gi 2/0.1
xconnect 10.2.2.2 22 encap l2tpv3 pw-class pseudoclass11

=========================================================
Switch Service Module-2
===============
Int fa 1/0/1
Desc laptop-2 having IP 172.16.0.2 255.255.0.0 is connected on this port.
Sw acc vlan 1
Int gi 1/0/2
Desc Internal Dot1q Trunk
sw mode tr
sw trun en dot1q
==========
On Router-2
========
L2tp-class l2tpclass11

pseudowire-class pseudoclass11
encap l2tpv3
internetworking ethernet
protocol l2tpv3 l2tpclass11
ip local interface loopback 0

Int loopback 0
ip add 10.2.2.2 255.255.255.255

int gi 0/0
Desc Directly connected to Router-1 on port gi 0/0
No IP address
Int gi0/0.1
Encap dot1q 1
ip add 10.0.0.2 255.0.0.0
Inter gi 2/0
Desc Trunk to Switch Module
ip add 192.168.0.1 255.255.255.0

Inter gi 2/0.1
xconnect 10.1.1.1 22 encap l2tpv3 pw-class pseudoclass11

OSPF is running so all the routng is in place. Router 1 can ping router 2 loopback and other IP address.
L2TP tunnel comes up straight away but Laptop-1 cant ping laptop2 and vice versa.

Thanks in advance.

alibahrian110 · ‎03-08-2018

Hi Julio.

Did u get a chance to look at the topology n the config?