Re: L2TPv3 tunneling xconnect through WAN

sachazufferey · ‎04-08-2015

hi guys,

I'm depressed, I can't get a working tunnel... I've tested everything I can, read docs, posts, etc... but it doesn't work.

I need to extend my Vlan105 from the HQ to a remote site.

Here is my setup :

PC [Fa] <---> [Gi] Cisco 2960-X [Gi24] <---> [Fa2] Cisco 886 [Dia0] <---> [[[WAN]]] <---> [Dia0] Cisco 886 [Fa2] <---> [Gi24] Cisco 2960-X [Gi] <---> [Fa] PC

And the config :

R1

pseudowire-class MYCLASS1
encapsulation l2tpv3
ip local interface Dialer0

interface FastEthernet2
switchport access vlan 105
no ip address
xconnect 200.10.40.213 100 encapsulation l2tpv3 pw-class MYCLASS1

interface Vlan105
ip address 10.10.10.100 255.255.240.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452

interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname 1234@domain.com
ppp chap password 7 1234
ppp pap refuse
no cdp enable

R2

pseudowire-class MYCLASS1
encapsulation l2tpv3
ip local interface Dialer0

interface FastEthernet2
switchport access vlan 105
no ip address
xconnect 40.20.40.20 100 encapsulation l2tpv3 pw-class MYCLASS1

interface Vlan105
ip address 10.10.10.200 255.255.240.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452

interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname 1234@domain.com
ppp chap password 7 1234
crypto map vpn-dpm -------------------------->>>>>> I have a VPN too on this router, I tried to remove it but the problem is the same.

The tunnel is "established" but I can't ping from side-to-side BUT when I try "sh cdp neighbors" I see the switch from the other side...

ADSL_Centrale#sh l2tun

L2TP Tunnel and Session Information Total tunnels 1 sessions 1

LocTunID RemTunID Remote Name State Remote Address Sessn L2TP Class/
Count VPDN Group
2998600478 552634819 R2 est 200.10.40.213 1 l2tp_default_cl

LocID RemID TunID Username, Intf/ State Last Chg Uniq ID
Vcid, Circuit
2226540584 1855064800 2998600478 100, Fa2 est 14:44:21 5

Please help me to find a solution to this, thanks in advance for your help.

Have a nice day.

Sacha

minhda · ‎04-09-2015

Hello,

Please post the interfaces configuration on switches at both ends.

Regards,

Minh

sachazufferey · ‎04-09-2015

Hi,

Switch HQ (R1 side) :

interface GigabitEthernet1/0/24
description *** Link to router ***
switchport access vlan 105
switchport mode access
spanning-tree bpdufilter enable

Switch Remote (R2 side) :

interface FastEthernet0/30
description *** Link to router ***
switchport access vlan 105
switchport mode access
spanning-tree bpdufilter enable

Thanks for your help!

minhda · ‎04-09-2015

Thanks. Please show spanning vlan 105 on the switches.

And does the ping work between pc & router at per site?

sachazufferey · ‎04-09-2015

Yup it works...

SP for remote site :

VLAN0105
Spanning tree enabled protocol rstp
Root ID Priority 24681
Address 001e.f70d.f080
Cost 12
Port 28 (GigabitEthernet0/4)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32873 (priority 32768 sys-id-ext 105)
Address 0023.344a.0980
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300

Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1 Desg FWD 4 128.1 P2p
Gi0/4 Root FWD 4 128.28 P2p
Fa0/30 Desg FWD 19 128.34 P2p Peer(STP)

minhda · ‎04-09-2015

Thanks for the outputs. How about spanning tree on other site?

Please also post the details show of l2tpv3 tunnels.

sachazufferey · ‎04-09-2015

Same result on the other side...

Thanks.

sachazufferey · ‎04-09-2015

Same result on the other side...

Thanks.

Maurizio Roggia · ‎07-21-2022

Hi, did you find where was the problem? I'm hitting the same strange behavior.

Thanks

MHM Cisco World · ‎07-21-2022

make new post share it here in community