Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1444
Views
0
Helpful
3
Replies

"pool-member" command missing in vpdn-group for ios 15?

j_friedrich
Level 1
Level 1

‎04-27-2012 01:45 PM

Hi guys,

     We have noticed the 'pool-member' command that is used in the 'vpdn-group' (when command 'request-dialin' is used) is no longer available in ios 15.  It is available in ios 12.  It it used to link a dialer to the vpdn-group.  Was it moved elsewhere or is there a different way to link the dialer to the vpdn-group?

Thanks.

Jason

3 people had this problem
Labels:
0 Helpful
3 Replies 3

daniel.messana
Level 1
Level 1

‎02-09-2014 08:24 PM

Is there any updates on this post?  i am having an issue with this as well while trying to config using the following sample at http://forum.strongvpn.com/forums/topic/12/l2tp-ipsec-with-cisco-ios   

!

service internal

no ip source-route

no ip gratuitous-arps

!

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

ip dhcp excluded-address 10.10.10.127 10.10.10.254

!

ip dhcp pool LAN

import all

network 10.10.10.0 255.255.255.0

domain-name local

dns-server 10.10.10.1

default-router 10.10.10.1

!

!

ip cef

ip domain name local

ip name-server 8.8.8.8

ip name-server 8.8.4.4

ip multicast-routing

no ipv6 cef

!

vpdn enable

!

vpdn-group L2TP-STRONGVPN

request-dialin

protocol l2tp

pool-member 2

initiate-to ip 66.151.32.12

no l2tp tunnel authentication

!

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

crypto isakmp key *********** address 66.151.32.12

!

!

crypto ipsec transform-set ESP-AES256-SHA esp-aes 256 esp-sha-hmac

mode transport

!

crypto map STRONGVPN 10 ipsec-isakmp

set peer 66.151.32.12

set transform-set ESP-AES256-SHA

match address L2TP-SA-DIALER0

!

!

track 1 interface Dialer0 ip routing

!

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

no atm ilmi-keepalive

dsl bitswap both

!

interface ATM0.1 point-to-point

description $ES_WAN$$FW_OUTSIDE$

ip flow ingress

pvc 1/32

pppoe-client dial-pool-number 1

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache cef

no ip route-cache

ip policy route-map MAP-INTERNET

!

interface Dialer0

ip address negotiated

ip mtu 1492

ip flow ingress

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname ********

ppp chap password 7 *********

ppp pap sent-username ******* password 7 ***********

crypto map STRONGVPN

!

interface Dialer1

description VPN (StrongVPN)

ip address negotiated

ip mtu 1400

ip flow ingress

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1360

dialer pool 2

dialer idle-timeout 0

dialer string 123

dialer vpdn

dialer-group 2

no cdp enable

ppp chap hostname *****

ppp chap password 7 *************

!

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip dns server

ip nat inside source route-map MAP-NAT-DSL1 interface Dialer0 overload

ip nat inside source route-map MAP-NAT-VPN1 interface Dialer1 overload

!

ip access-list extended L2TP-SA-DIALER0

permit udp host 188.96.77.237 host 66.151.32.12 eq 1701

!

access-list 1 permit 10.0.0.0 0.255.255.255

access-list 2 permit 10.10.10.0 0.0.0.127

access-list 3 permit 10.10.10.128 0.0.0.127

access-list 101 permit ip 10.10.10.0 0.0.0.127 host 208.75.79.17

access-list 101 permit ip 10.10.10.0 0.0.0.127 host 208.75.76.17

! ... and lots of other ips

!

access-list 199 permit ip any any

!

dialer-list 1 protocol ip permit

dialer-list 2 protocol ip permit

!

no cdp run

!

!

route-map MAP-INTERNET permit 10

match ip address 101

set interface Dialer1

!

route-map MAP-INTERNET permit 98

match ip address 3

set interface Dialer1

!

route-map MAP-INTERNET permit 99

match ip address 1

set interface Dialer0

!

route-map MAP-NAT-DSL1 permit 10

match ip address 1

match interface Dialer0

!

route-map MAP-NAT-VPN1 permit 10

match ip address 1

match interface Dialer1

!

!

event manager applet dialer0-up

event track 1 state up

action 001 cli command "enable"

action 100 cli command "show ip interface brief | include Dialer0"

action 101 regexp " [0-9.]+ " "$_cli_result" ip

action 200 cli command "conf t"

action 201 cli command "ip access-list extended L2TP-SA-DIALER0"

action 202 cli command "no 10"

action 203 cli command "10 permit udp host $ip host 66.151.32.12 eq 1701"

action 204 cli command "exit"

action 210 cli command "interface Dialer1"

action 211 cli command "no shutdown"

action 212 cli command "exit"

action 299 cli command "exit"

event manager applet dialer0-down

event track 1 state down

action 001 cli command "enable"

action 100 cli command "conf t"

action 101 cli command "interface Dialer1"

action 102 cli command "shutdown"

action 103 cli command "exit"

action 199 cli command "exit"

action 200 cli command "clear l2tp all" pattern "[confirm]"

action 201 cli command "confirm"

action 202 cli command "clear crypto session"

action 203 cli command "clear crypto sa"


0 Helpful

alexvoronovitsky
Level 1
Level 1
In response to daniel.messana

‎04-06-2014 09:32 AM

Anyone?

0 Helpful

alexvoronovitsky
Level 1
Level 1

‎04-04-2014 02:31 AM

Hello,

I have the same problem,

How do I make a specific dialer interface to go through a specific vpdn-group (l2tp request-dialin connection) ?
Is there any replacement configuration for this?
 

Thanks.

0 Helpful
Customers Also Viewed These Support Documents