Showing results for 
Search instead for 
Did you mean: 

question about deploying ipv6 in an isp company connected to PSTN network!!!

hi ,

  im isp company ,

all of clients are using ipv4 network

my topology is as below

PSTN========================backhauling link=========R "Isp router" ==========="gateway router" =============internet


The company is using backhanding  link to connect to PSTN ,  and by  ADSL technique the clients can  reach  to isp router  and get connected to internet .

actually im not professional in configuring tunnel between isp  router router and PSTN router .

also not profiessinal in assigning ipv6 to clients

my request is ,  :

what steps need to start deploying ipv6 , ????????????

i just want to buy new ipv6 subnet and deploy it in my company .

and need to test giving the client an ipv6 .

does it depends on backhauling  link between isp and PSTN router ????

i will paste some  config of "Isp router" and hide some info

for security i modified alot of configs and reomved alot of lines :

agian ,  in red lines below of config , i just use the local pools and assign it to my clienst .

again in not prefessional in assigning ips and i want to assing ipv6 to clients ,

i want to say that if i change pool in the redline below the config , i could control the ip clinets .

wt should i modify to assign  ipv6 to clinets  ,

wish to help about my belwo config


im so sorry for hiding alot of configs  , it just for privacy


isp#sh run

isp#sh running-config

Building configuration...

Current configuration : 9304 bytes


! Last configuration change at 13:11:04 GMT+3 Mon Sep 24 2012 by xxxx

! NVRAM config last updated at 16:10:57 GMT+3 Sun Sep 16 2012 by xxxxx


upgrade fpd auto

version 12.4

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

no service dhcp


hostname Bras





logging message-counter syslog

logging buffered 256000

no logging console

enable secret 5 xxxxx.

enable password xxxxxxxxxxxxxxxxxx


aaa new-model



aaa group server radius radiusservers

server-private xxxxx auth-port xxx acct-port xxxx key xxxxx

server-private x auth-portxxxx acct-port xxx key 7 xxxxxx


aaa authentication login adminstaff local

aaa authentication login sdm_vpn_xauth_ml_1 group radius

aaa authentication ppp vpdn group radiusservers local

aaa authorization network default group radius local

aaa authorization network vpdn group radiusservers local

aaa authorization network sdm_vpn_group_ml_1 local

aaa accounting delay-start

aaa accounting update newinfo periodic 10

aaa accounting network vpdn

action-type start-stop


group radiusservers



aaa server radius dynamic-author

client xxxx server-key xxxxxx


aaa session-id common

clock timezone GMT+3 3

no ip source-route

no ip gratuitous-arps

ip cef   





multilink bundle-name authenticated

vpdn enable

vpdn logging

vpdn logging local

vpdn history failure table-size 50


vpdn-group netsteam


  protocol l2tp

  virtual-template 1

terminate-from hostname xxxx

local name xxxx

lcp renegotiation on-mismatch

l2tp tunnel password xxxxxxx

l2tp tunnel timeout no-session 60

ip mtu adjust





log config


path disk2:/backup/$h-backup


time-period 1440



crypto isakmp policy 1

encr 3des

authentication pre-share

group 2 


crypto isakmp client configuration group zzzzz

key what2do4

pool SDM_POOL_1

acl 101 

max-users 30


crypto isakmp profile sdm-ike-profile-1

   match identity group Nayzak

   client authentication list sdm_vpn_xauth_ml_1

   isakmp authorization list sdm_vpn_group_ml_1

   client configuration address respond

   virtual-template 11



crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac


crypto ipsec profile SDM_Profile1

set transform-set ESP-3DES-SHA

set isakmp-profile sdm-ike-profile-1









interface Loopback0

ip address


interface GigabitEthernet0/1

description Internet From Gateway

speed auto

media-type rj45

negotiation auto


interface GigabitEthernet0/1.13

description OFFICE-VLAN

encapsulation dot1Q 13

no cdp enable


interface GigabitEthernet0/1.20

encapsulation dot1Q 20


interface GigabitEthernet0/1.21

encapsulation dot1Q 21

ip address ccccc


interface FastEthernet0/2

no ip address


duplex auto

speed auto


interface GigabitEthernet0/2

description vvvvvv

ip address vvvvvv

no ip redirects

no ip unreachables

no ip proxy-arp

load-interval 30

duplex auto

speed 1000

media-type sfp

negotiation auto


interface GigabitEthernet0/3


ip address vvvvvvvvvvvvv

load-interval 30

duplex auto

speed auto

media-type rj45

negotiation auto


interface Virtual-Template1

ip unnumbered GigabitEthernet0/1

ip tcp adjust-mss 1412

peer default ip address pool A1 A2 A3

ppp mtu adaptive

ppp authentication pap vpdn

ppp authorization vpdn

ppp accounting vpdn


interface Virtual-Template11 type tunnel

ip unnumbered GigabitEthernet0/3

tunnel mode ipsec ipv4

tunnel protection ipsec profile SDM_Profile1





ip radius source-interface GigabitEthernet0/1

logging alarm informational

access-list 12 permit FFF

access-list 101 permit ip FFFF

access-list 180 permit ip any 1FFFFFFF log





route-map routetoisp permit 10

set origin igp



snmp-server community DDD RO

radius-server attribute nas-port format d

radius-server configure-nas

radius-server host zzzzz auth-port zzzzz acct-port zzzz key zzzzzzzzzzzzzz

radius-server retransmit 0

radius-server key sdcsdsdsdf

radius-server vsa send cisco-nas-port

radius-server vsa send accounting

radius-server vsa send authentication




Everyone's tags (5)
CreatePlease to create content
Content for Community-Ad