cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
344
Views
0
Helpful
0
Replies
Highlighted
Beginner

Layer 2 Traffic

hi,

PLEASE HELP, I am getting desperate to resolve this. Thanks

I have 2 887va routers which are both connected to an ADSL line and I have set them up to pass layer 2 traffic via L2TP.

I am injecting layer 2 traffic into one of the routers using Colasoft and the PC at the other end os monitoring the traffic with wireshark.

My problem is nothing is coming accross the tunnel, in fact I believe thast the traffic is not even getting to the tunnel as the ports are not set up crrectly.

I have configured the F1 with

# Switchport Access Vlan 200                  

# no shutdoen

I then connect the ethernet cable to port F1 from the PC and with Debug enabled for L2TP All only the hello traffic is shown.

Please can someone help as I think I am missing something simple.

Thanks.

Building configuration...

Current configuration : 3973 bytes

!

! Last configuration change at 13:03:15 UTC Thu May 2 2013

! NVRAM config last updated at 13:04:17 UTC Thu May 2 2013

! NVRAM config last updated at 13:04:17 UTC Thu May 2 2013

version 15.1

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXX

!

boot-start-marker

boot-end-marker

!

enable secret 4 pozkvcqXiM/f4AVrqz8PjSI9KxXYqhSXdmI.1yi0uD2

!

no aaa new-model

memory-size iomem 10

crypto pki token default removal timeout 0

!   

ip source-route

!        

ip cef

no ipv6 cef

l2tp-class l2tpclass2

authentication

password xxx

!        

l2tp-class l

!        

vpdn enable

!        

vpdn-group vpdngroup1

accept-dialin

  protocol l2tp

  virtual-template 1

terminate-from hostname xxxxx

!        

license udi pid CISCO887VA-K9 sn FCZ1706908Q

!        

controller VDSL 0

!

pseudowire-class pwclass2

encapsulation l2tpv3

sequencing both

ip local interface Dialer0

ip pmtu 

ip tos reflect

ip ttl 100

!

!        

!

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2 

crypto isakmp key xxxx address xxx.xxx.xxx.xxx

crypto isakmp keepalive 30 5

!

!        

crypto ipsec transform-set XXX esp-3des esp-md5-hmac

!        

crypto map Cmap 10 ipsec-isakmp

set peer xxx.xxx.xxx.xxx

set transform-set XXX

match address 101

!

bridge irb

!

interface Loopback1

no ip address

!

interface Ethernet0

no ip address

shutdown

no fair-queue

!        

interface ATM0

no ip address

ip nat outside

ip virtual-reassembly in

no atm ilmi-keepalive

pvc 0/38

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

!        

interface FastEthernet0

switchport access vlan 2

no ip address

!        

interface FastEthernet1

switchport access vlan 200

no ip address

!

interface FastEthernet2

no ip address

!        

interface FastEthernet3

no ip address

!

interface Virtual-Template1

ip unnumbered Loopback1

ppp authentication chap

ppp chap hostname xxxxx

!        

interface Virtual-PPP2

ip unnumbered Loopback1

ppp authentication chap

ppp chap hostname xxxxx

pseudowire xxx.xxx.xxx.xxx 10 pw-class pwclass2

!        

interface Vlan1

no ip address

ip nat inside

ip virtual-reassembly in

shutdown

!        

interface Vlan2

no ip address

bridge-group 1

bridge-group 1 input-address-list 700

bridge-group 1 output-address-list 700

!        

interface Vlan200

no ip address

!        

interface Dialer0

ip address xxx.xxx.xxx.xxx 255.255.255.0

no ip redirects

no ip unreachables

ip mtu 1492

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

ppp authentication chap callin

ppp chap hostname xxxx

ppp chap password 0 xxxx

ppp ipcp route default

ppp ipcp address accept

no cdp enable

crypto map Cmap

!

interface Dialer1

no ip address

!        

interface Dialer9

no ip address

shutdown

!        

interface BVI1

ip address 192.168.1.1 255.255.255.0

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

ip nat inside source list 100 interface Dialer0 overload

ip route 0.0.0.0 0.0.0.0 Dialer0

ip route 78.105.250.120 255.255.255.255 Dialer0

ip route 192.168.1.0 255.255.255.0 Virtual-PPP2

!        

access-list 50 deny   any log

access-list 100 deny   ip 192.0.0.0 0.255.255.255 192.0.0.0 0.255.255.255

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

access-list 101 permit ip 192.0.0.0 0.255.255.255 192.0.0.0 0.255.255.255

access-list 101 permit tcp 192.0.0.0 0.255.255.255 192.0.0.0 0.255.255.255

access-list 101 permit udp 192.0.0.0 0.255.255.255 192.0.0.0 0.255.255.255

access-list 101 permit icmp 192.0.0.0 0.255.255.255 192.0.0.0 0.255.255.255

access-list 101 deny   ip any any

access-list 101 deny   tcp any any

access-list 101 deny   udp any any

access-list 101 deny   icmp any any

access-list 111 deny   tcp any any eq telnet

access-list 111 permit ip any any

access-list 700 permit 0000.0000.0000   ffff.ffff.ffff

dialer-list 1 protocol ip permit

!        

bridge 1 protocol ieee

bridge 1 route ip

!        

line con 0

line aux 0

line vty 0 4

access-class 50 in

exec-timeout 0 0

no login

transport input none

transport output none

!

end      

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards