Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2154
Views
0
Helpful
5
Replies

Configure L2TP On Router using Sub interface

alibahrian110
Level 1
Level 1

‎03-07-2018 01:34 AM - edited ‎03-05-2019 10:02 AM

Hi There,

 

I have 2x2800 routers with NME-16ES-1G-P - 16-port 10/100 Cisco EtherSwitch Service Module installed in it.

 

I created L2tp tunnel using Physical interfaces on the routers. It works fine. laptops could ping each other.

 

Now I Want to create a L2TPtunnel from the router sub interface to another router physical interface. 

Following config I applied. Tunnel comes up but the two laptops cant ping.

 

Following is the Config

Service Module-1

===============

Int fa 1/0/1

     Desc laptop-1 having IP 172.16.0.1 255.255.0.0 is connected on this port.

     Sw acc vlan 1

Int gi 1/0/2

     Desc Internal Dot1q Trunk

     sw mode tr

     sw trun en dot1q

==========

On Router-1

========

L2tp-class  l2tpclass11

 

pseudowire-class pseudoclass11

       encap l2tpv3

       internetworking ethernet

       protocol l2tpv3 l2tpclass11

       ip local interface loopback 0

 

Int loopback 0

    ip add 10.1.1.1 255.255.255.255

 

int gi 0/0

      Desc Directly connected to Router-2 on port gi 0/0 

      ip add 10.0.0.1 255.0.0.0

 

Inter gi 2/0

       Desc Trunk to Switch Module

       ip add 192.168.0.1 255.255.255.0

 

Inter gi 2/0.1

xconnect 10.2.2.2 22 encap l2tpv3 pw-class pseudoclass11

 

 

=========================================================

Service Module-2

===============

Int fa 1/0/1

      Desc laptop-2 having IP 172.16.0.2 255.255.0.0 is connected on this port.

     Sw acc vlan 1

Int gi 1/0/2

     Desc Internal Dot1q Trunk

     sw mode tr

     sw trun en dot1q

==========

On Router-2

========

L2tp-class  l2tpclass11

 

pseudowire-class pseudoclass11

       encap l2tpv3

       internetworking ethernet

       protocol l2tpv3 l2tpclass11

       ip local interface loopback 0

 

Int loopback 0

    ip add 10.2.2.2 255.255.255.255

 

int gi 0/0

      Desc Directly connected to Router-1 on port gi 0/0 

      ip add 10.0.0.2 255.0.0.0

Inter gi 2/0

       Desc Trunk to Switch Module

       ip add 192.168.0.1 255.255.255.0

 

Inter gi 2/0.1

xconnect 10.1.1.1 22 encap l2tpv3 pw-class pseudoclass11

 

OSPF is running so all the routng is in place. Router 1 can ping router 2 loopback and other IP address.

L2TP tunnel comes up straight away but Laptop-1 cant ping laptop2 and vice versa.

 

Any sggestion whats wrong in the config.

 

1 person had this problem
Labels:
Preview file
19 KB
0 Helpful
5 Replies 5

Julio E. Moisa
VIP
VIP

‎03-07-2018 03:13 AM - edited ‎03-07-2018 03:48 AM

Hi

If you are going to use L2TP with Sub-interfaces, everything needs to be configured with sub-interfaces including the CE routers, otherwise the L2VPN will be up but not traffic transit through, You can verify the following example:

 

PE01

pseudowire-class L2VPN
encapsulation l2tpv3
ip local interface Loopback0

 

interface GigabitEthernet0/0
no ip address
negotiation auto
no keepalive
!
interface GigabitEthernet0/0.100
encapsulation dot1Q 100
xconnect 2.2.2.2 100 encapsulation l2tpv3 pw-class L2VPN

 

 

PE02

pseudowire-class L2VPN
encapsulation l2tpv3
ip local interface Loopback0

 

interface GigabitEthernet0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0.100
encapsulation dot1Q 100
xconnect 1.1.1.1 100 encapsulation l2tpv3 pw-class L2VPN

 

 

CLIENT ROUTER01

interface G0/0
no ip address
!
interface G0/0.100
encapsulation dot1Q 100
ip address 192.168.100.1 255.255.255.0

 

 

CLIENT ROUTER02

interface G0/0
no ip address
!
interface G0/0.100
encapsulation dot1Q 100
ip address 192.168.100.2 255.255.255.0

 

 

If you are using Trunk on the client routers remember to allow the VLAN associated to the L2VPN. 

 

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

alibahrian110
Level 1
Level 1
In response to Julio E. Moisa

‎03-07-2018 07:48 PM - edited ‎03-07-2018 07:50 PM

Hi Julio.

thanks for the suggestion however it didn’t work. I changed my config to adopt ur suggestion that all the connectivity should be based on sub interfaces. 

 

So so I changed the interfaces on my both the router to subinterface i.e. changed the following for router 1

int gi0/0

no ip add

int gi0/0.1

encap dot1q 1

! For router 1

ip address 10.0.0.1 255.0.0.0

 

for router 2 

int gi0/0
no ip add
int gi0/0.1
encap dot1q 1
! For router 1
ip address 10.0.0.2 255.0.0.0

 

rest of the config were the same. But no luck. I made sure that I was using only vlan 1 through the config n sub interface. 

 

Can u suggest what is wrong now 

thanks is advance. 

 

0 Helpful

Julio E. Moisa
VIP
VIP
In response to alibahrian110

‎03-08-2018 05:09 AM

Hi

is possible to share the config of the all devices involved on this L2VPN?

Thank you in advance. 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

alibahrian110
Level 1
Level 1
In response to Julio E. Moisa

‎03-08-2018 03:02 PM

HI Julio,

 

I have Two routers directly connected with each other using port gi0/0. 

Both routers have 16 port switch module connected within the router chassis. 

Diagram of this topology is attached in my first post. Please have a look at it as well. That diagram will tell you the topology I m using and 

as requested, following is the config on two routers. 

 

Switch Service Module-1
===============
Int fa 1/0/1
     Desc laptop-1 having IP 172.16.0.1 255.255.0.0 is connected on this port.
     Sw acc vlan 1
Int gi 1/0/2
     Desc Internal Dot1q Trunk
     sw mode tr
     sw trun en dot1q
==========
On Router-1
========
L2tp-class  l2tpclass11
 
pseudowire-class pseudoclass11
       encap l2tpv3
       internetworking ethernet
       protocol l2tpv3 l2tpclass11
       ip local interface loopback 0
 
Int loopback 0
    ip add 10.1.1.1 255.255.255.255
 
int gi 0/0
      Desc Directly connected to Router-2 on port gi 0/0 

      No ip address 

Int gi0/0.1
      Encap dot1q 1
      ip add 10.0.0.1 255.0.0.0
 
Inter gi 2/0
       Desc Trunk to Switch Module
       ip add 192.168.0.1 255.255.255.0
 
Inter gi 2/0.1
xconnect 10.2.2.2 22 encap l2tpv3 pw-class pseudoclass11
 
 
=========================================================
Switch Service Module-2
===============
Int fa 1/0/1
      Desc laptop-2 having IP 172.16.0.2 255.255.0.0 is connected on this port.
     Sw acc vlan 1
Int gi 1/0/2
     Desc Internal Dot1q Trunk
     sw mode tr
     sw trun en dot1q
==========
On Router-2
========
L2tp-class  l2tpclass11
 
pseudowire-class pseudoclass11
       encap l2tpv3
       internetworking ethernet
       protocol l2tpv3 l2tpclass11
       ip local interface loopback 0
 
Int loopback 0
    ip add 10.2.2.2 255.255.255.255
 
int gi 0/0
      Desc Directly connected to Router-1 on port gi 0/0
      No IP address
Int gi0/0.1
      Encap dot1q 1
      ip add 10.0.0.2 255.0.0.0
Inter gi 2/0
       Desc Trunk to Switch Module
       ip add 192.168.0.1 255.255.255.0
 
Inter gi 2/0.1
xconnect 10.1.1.1 22 encap l2tpv3 pw-class pseudoclass11
 
OSPF is running so all the routng is in place. Router 1 can ping router 2 loopback and other IP address.
L2TP tunnel comes up straight away but Laptop-1 cant ping laptop2 and vice versa.
 

Thanks in advance.  

 

0 Helpful

alibahrian110
Level 1
Level 1
In response to alibahrian110

‎03-08-2018 03:31 PM - edited ‎03-08-2018 08:49 PM

Hi Julio. 

 

Did u get a chance to look at the topology n the config?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card