cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
671
Views
15
Helpful
29
Replies

LNS L2TP termination of PPPoE sessions with FreeRADIUS 2

bsalem
Beginner
Beginner

Hello,

 

I'm trying to repro this small lab "https://null.53bits.co.uk/index.php?page=pppoe-initial-set-up-with-freeradius-2" to test PPPoe with FreeRADUIS but I have some issues!

 

I captured the packed between CPE f0/0 and LAC using wireshark and probably there is a problem with PPP CHAP! 

Note: No packets captured between LAC and LNS.

 

You can find more details in the attached capture.

 

thank you, 

 

29 Replies 29

MHM Cisco World
Advisor
Advisor

Can i see config ?

yes sure! it's more easy to see the config from this link "https://null.53bits.co.uk/index.php?page=pppoe-initial-set-up-with-freeradius-2"

 

Thank you

try open link many times error open,

please share the config

 

can I see your config, I think you miss one command.

Ok you can find the config (CPE, LAC, LNS) in the attached files.

 

Thank yyou,

there is no LNS-LAC traffic so 
point to check 
ping from LNS to LAC using the IP address you use under VPDN group (initiate and terminate)
if Ping success BUT still CPE failed 

terminate-from hostname l2tp-tunnel<- change this to IP of LAC 

if both failed 
Use local AAA instead for FreeRadius 

Hi,

Thank your for you reply!

The problem now is that when I test the authentification from the lns to the freeradius with #test aaa group radius server 192.0.2.1 auth-port 1812 acct-port 1813 testuser@example.net testpassword legacy, It's working !! but from the CPE to the freeradius, the authentication failed! 

Note: there is not an issue between the CPE and the LNS because I used a local AAA and it's working.

You can see the difference between the 2 requests from the lns to the raduis with #test aaa command and from the CPE to the radius in same interface f0/0 of the lns in the attached captures. 

 

1- command must be delete
ip dhcp pool PPPoEPool <<<- this for ethernet client here it is PPPoE client so delete this 
   network 192.0.2.128 255.255.255.128

2- command must be to add
ip local pool pppoe  192.0.3.10 192.0.3.100

Thank you !

But even with the first command it's working when using local AAA! I mean that the issue is related to the authentification using freeradius not the dhcp pool!

I mention two point, 
the DHCP POOL how you config it 
and the subnet of DHCP Pool, the issue you use OSPF and use DHCP Pool same subnet that LAC LNS (and I think the radius) use it, so this make me think that this issue is reachable issue not Auth issue, That why I ask you to change the DHCP Pool subnet.
if after change still same issue then with some help of wireshark we can solve the auth.

 

 

wireshark 
between CPE and LAC and LAC LNS 
if you can also LNS Radius 

Thank you,

Which format do you want ? pcapng is not supported here.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers