SR520 as PPPoE server

Juan Luis Hoyo · ‎03-28-2012

Hi everyone!

I´m trying to configure SR520 Cisco router as PPPoE server.

The point is, when configuration is done and PPPoE client is directly connected to the interface, SR520 doesn´t respond to incoming PADI. PADI is not shown in PPPoE debugs (debug pppoe events, packets and errors).

On the other hand, I get the PADI capturing packets with wireshark (so PADI is being sent) and the same configuration on other router works fine.

Configuration attached.

Any response woulb be appreciated. Thank you in advance.

paolo bevilacqua · ‎03-28-2012

Maybe if you remove all the firewall commands the router would have an easier life handling packets.

Also important that you run an update IOS version.

Juan Luis Hoyo · ‎03-29-2012

Hi Paolo,

thank you for your answer. I tried removing all security commands, but still the same.

Something I don´t like is I get nothing when executing "show pppoe session", and virtual-access interface is always down.

About IOS version, 12.4(20)T6 is now running. To get newer version I need a service contract I don´t have.

SR520#show deb

PPPoE:

PPPoE protocol events debugging is on

PPPoE control packets debugging is on

SR520#term mon

SR520#show pppoe sess

SR520#show pppoe summ

SR520#show ip inter brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0 unassigned YES unset up up

FastEthernet1 unassigned YES unset up down

FastEthernet2 unassigned YES unset up down

FastEthernet3 unassigned YES unset up down

FastEthernet4 172.31.2.1 YES NVRAM up up

NVI0 172.31.2.1 YES unset up up

Virtual-Access1 unassigned YES unset down down

Virtual-Template1 172.31.2.1 YES TFTP down down

Vlan1 unassigned YES NVRAM up down

Vlan75 172.16.0.1 YES NVRAM up up

Vlan76 172.16.1.1 YES NVRAM up down

Vlan77 172.16.2.1 YES NVRAM up down

Vlan78 unassigned YES NVRAM up down

Vlan79 unassigned YES NVRAM up down

SR520#show run

Building configuration...

Current configuration : 3695 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SR520

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable secret 5 $1$dom0$tWAokJnzOvuSrgH2vPVC21

!

no aaa new-model

!

crypto pki trustpoint TP-self-signed-1508651344

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-1508651344

revocation-check none

rsakeypair TP-self-signed-1508651344

!

crypto pki certificate chain TP-self-signed-1508651344

certificate self-signed 01

3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

69666963 6174652D 31353038 36353133 3434301E 170D3032 30333036 30333030

34325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 35303836

35313334 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

81009C5B 85195357 642EAFD1 E2CEAEE9 92BB8207 15F3D20E 270D0FFF 6B0E3B91

2CBC42A0 540C3A1D BD11D85A D67B7CAE 36EC71E2 50C29A8E E83ECA03 80BD3B69

65E557F1 B4886BF6 36A319B0 E0865DED 3091B7B0 969D66CF B98F5909 2E95CD95

C5F28F78 29DF96F3 DDEDF18E 6088F54A 501D8062 F6C10CF5 3E07DE9F 0A534A81

50770203 010001A3 65306330 0F060355 1D130101 FF040530 030101FF 30100603

551D1104 09300782 05535235 3230301F 0603551D 23041830 1680146E FD6DDD8F

EC1220FF 0EABA56B 1668A2C7 9FE85A30 1D060355 1D0E0416 04146EFD 6DDD8FEC

1220FF0E ABA56B16 68A2C79F E85A300D 06092A86 4886F70D 01010405 00038181

00600546 83E2FE69 BDBC3F87 9B71FF8A 3F0E9C5A 4EE7C304 7CB53591 5F0C0BA8

616C209D 3C427708 251C3AC7 69AEC4AB 5F21296C 8BF7B3EA 97393BA1 64CD7BAD

CE0A40BD A271B426 0A01E498 01F0F32D 8665232A F09D88C3 48411E3B 7928C787

AA1A7292 6AC686B0 ECB65A43 E511B398 41BFEFEB 553974BF 0BDBB0D2 E83BA538 CC

quit

dot11 syslog

ip source-route

!

ip dhcp excluded-address 172.31.2.1

!

ip dhcp pool DHCP_VLAN75

network 172.16.0.0 255.255.255.0

default-router 172.16.0.1

!

ip dhcp pool poolpppoe

network 172.31.2.0 255.255.255.0

!

ip cef

ip name-server 8.8.8.8

ip name-server 8.8.4.4

!

no ipv6 cef

multilink bundle-name authenticated

!

username cisco privilege 15 secret 5 $1$5Zs7$mUcUCddFZ32hT9dxIFbuD/

!

archive

log config

logging enable

logging size 600

hidekeys

!

bba-group pppoe global

virtual-template 1

!

interface FastEthernet0

switchport access vlan 75

!

interface FastEthernet1

switchport access vlan 76

!

interface FastEthernet2

switchport access vlan 77

!

interface FastEthernet3

!

interface FastEthernet4

ip address 172.31.2.1 255.255.255.0

ip virtual-reassembly

load-interval 30

duplex auto

speed auto

pppoe enable group global

!

interface Virtual-Template1

mtu 1492

ip unnumbered FastEthernet4

peer default ip address dhcp-pool poolpppoe

!

interface Vlan1

no ip address

!

interface Vlan75

ip address 172.16.0.1 255.255.255.0

ip virtual-reassembly

!

interface Vlan76

ip address 172.16.1.1 255.255.255.0

ip virtual-reassembly

!

interface Vlan77

ip address 172.16.2.1 255.255.255.0

ip virtual-reassembly

!

interface Vlan78

no ip address

!

interface Vlan79

no ip address

!

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface FastEthernet4 overload

!

control-plane

!

banner login ^CSR520 Base Config - MFG 1.0 ^C

!

line con 0

login local

no modem enable

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

end