Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
539
Views
0
Helpful
0
Replies

VPN L2TP - UP-IDLE - Help!

nelson_buarque1
Level 1
Level 1

‎05-12-2016 09:52 AM - edited ‎03-05-2019 04:00 AM

Hello guys,

I need your help about my VPN(L2TP). I need to use this VPN (Private Internet Access): https://www.privateinternetaccess.com/.

But after perform the configuration of my router, the crypto remains: UP-IDLE, and the connection isn't operative. (Session status: UP-IDLE).

Am I doing something wrong?

The following setting made:

crypto isakmp policy 5
encr aes 256
authentication pre-share
group 5
lifetime 28800

crypto ipsec transform-set ESP-AES256-SHA esp-aes 256 esp-sha-hmac
mode tunnel

ip access-list extended PIA_EAST_US
permit udp any host 177.154.145.100 eq 1701

crypto map PIA_VPN 5 ipsec-isakmp
set peer 177.154.145.100
set transform-set ESP-AES256-SHA1
match address PIA_EAST_US
crypto map PIA_VPN

pseudowire-class PIA_L2TP
encapsulation l2tpv2
ip local interface Dialer0


interface Virtual-PPP1
description Tunnel to PIA EAST US
ip address negotiated
no ip redirects
ip mtu 1280
ip nat outside
ip virtual-reassembly in
ppp eap refuse
ppp chap hostname x2018846
ppp chap password 7 032858333428177F622C2A
ppp ipcp address accept
no cdp enable
pseudowire 177.154.145.100 1 encapsulation l2tpv2 pw-class PIA_L2TP


interface Dialer0
description --- To Internet - Carrier=Oi - Offer=ADSL - 2000K
mtu 1492
bandwidth 574
bandwidth receive 2000
ip ddns update hostname talos-sqpe018.no-ip.info
ip ddns update NO-IP
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
load-interval 30
dialer pool 1
dialer remote-name OI-DSLAM
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname oi@oi
ppp chap password 7 14181B0405
ppp pap sent-username oi@oi password 7 151D02030D6A
ppp ipcp route default
crypto map PIA_VPN
service-policy input COS-IN

The following status crypto:

#show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
177.154.145.100 201.19.43.204 MM_NO_STATE 4205 ACTIVE (deleted)

IPv6 Crypto ISAKMP SA

#sh crypto session
Crypto session current status

Interface: Dialer0
Session status: UP-IDLE
Peer: 177.154.145.100 port 500
Session ID: 0
IKEv1 SA: local 201.19.43.204/500 remote 177.154.145.100/500 Active
Session ID: 0
IKEv1 SA: local 201.19.43.204/500 remote 177.154.145.100/500 Inactive
IPSEC FLOW: permit 17 0.0.0.0/0.0.0.0 host 177.154.145.100 port 1701
Active SAs: 0, origin: crypto map

#show crypto ipsec sa

interface: Dialer0
Crypto map tag: PIA_VPN, local addr 201.19.43.204

protected vrf: (none)
local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/17/0)
remote ident (addr/mask/prot/port): (177.154.145.100/255.255.255.255/17/1701)
current_peer 177.154.145.100 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 1319, #recv errors 0

local crypto endpt.: 201.19.43.204, remote crypto endpt.: 177.154.145.100
plaintext mtu 1492, path mtu 1492, ip mtu 1492, ip mtu idb Dialer0
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none

inbound esp sas:

inbound ah sas:

inbound pcp sas:

outbound esp sas:

outbound ah sas:

outbound pcp sas:

#show interface virtual-ppp1
Virtual-PPP1 is up, line protocol is down
Hardware is Virtual PPP interface
Description: Tunnel to PIA EAST US
Internet address will be negotiated using IPCP
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Closed, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 1 seconds on reset
Last input 20:09:47, output never, output hang never
Last clearing of "show interface" counters 20:34:19
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
175 packets input, 3525 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
151 packets output, 3589 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions

Nelson Neto

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents