[cisco-bba] Fw: l2tp problem

zxd zxd at chinahcn.com
Mon Jan 8 20:30:48 EST 2007


hello!


i have a l2tp problem about juniper erx and cisco 7401.


                 radius
                  |
                  |
pppoe client----LAC(erx)----LNS(cisco7401)

only CISCO7401 configure command terminate-from hostname LAC,the tunnel created。
if have multi lac to LNS?this is a problem.scalability is very bad。

ERX use default configuration.no any specific configuration.

CISCO configuration example

vpdn-group zju.com!ZJ
 accept-dialin
  protocol l2tp
  virtual-template 2
 lcp renegotiation always
 no l2tp tunnel authentication
 l2tp tunnel password 0 cisco
 ip precedence immediate

the configuration result in the tunnelcan't created.if use 
vpdn-group zju.com!ZJ
 accept-dialin
  protocol l2tp
  virtual-template 2
 terminate-from hostname HZCNC-100-BRAS-01
 lcp renegotiation always
 no l2tp tunnel authentication
 l2tp tunnel password 0 cisco
 ip precedence immediate

the tunnel can created.

debug information

ERX

DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (): Authenticate configuration data: tag
= 0, type = 1, transport = ipUdp, routerId = Router 0x80000001, address =
58.100.228.66, tName = default, tSecret = , tLocalHostName = HZCNC-100-BRAS-01,
tPeerHostName = HZCNC-88-BRAS-02, tLocalAddress = 58.100.228.16
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Update IP transport config:
local address = 58.100.228.16, remote address = 58.100.228.66
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type = message,
length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
protocolVersion, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
hostName, length = 23, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
framingCapabilities, length = 10, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
assignedTunnelId, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
receiveWindowSize, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
firmwareRevision, length = 8, flags = ~M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
vendorName, length = 28, flags = ~M ~H
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Changing mibState from
idle to connecting
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (15000024,*): Changing effective
adminState from disabled to enabled
INFO 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Processing incoming
in-sequence sccrp from vr default, remote address 58.100.228.66 -
controlHeader.Ns = 0
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type = message,
length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
protocolVersion, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
firmwareRevision, length = 8, flags = ~M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
hostName, length = 22, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
vendorName, length = 25, flags = ~M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
receiveWindowSize, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
challenge, length = 22, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
assignedTunnelId, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
framingCapabilities, length = 10, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
bearerCapabilities, length = 10, flags = M ~H
ERROR 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Configuration error
processing incoming sccrp from vr default, remote address 58.100.228.66 -
challenge with no local secret
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type = message,
length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
assignedTunnelId, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
resultCode, length = 34, flags = M ~H
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (): No more configuration records
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Changing mibState from
connecting to disconnecting

CISCO:

an  9 00:31:51:  Tnl 51399 L2TP: Control channel retransmit delay set to 1 seconds
*Jan  9 00:31:51:  Tnl 51399 L2TP: Tunnel state change from idle to wait-ctl-reply
*Jan  9 00:31:51:  Tnl 51399 L2TP: Parse  AVP 0, len 8, flag 0x8000 (M)
*Jan  9 00:31:51:  Tnl 51399 L2TP: Parse StopCCN
*Jan  9 00:31:51:  Tnl 51399 L2TP: Parse  AVP 9, len 8, flag 0x8000 (M)
*Jan  9 00:31:51:  Tnl 51399 L2TP: Assigned Tunnel ID 35
*Jan  9 00:31:51:  Tnl 51399 L2TP: Parse  AVP 1, len 34, flag 0x8000 (M)
*Jan  9 00:31:51: L2X: Result code(2): 2: General error - refer to error code
*Jan  9 00:31:51:      Error code(6): Vendor specific
*Jan  9 00:31:51:      Optional msg: challenge with no secret
*Jan  9 00:31:51:  Tnl 51399 L2TP: No missing AVPs in StopCCN
*Jan  9 00:31:51:  Tnl 51399 L2TP: I StopCCN, flg TLS, ver 2, len 62, tnl 51399, ns 1, nr 1
contiguous pak, size 62
         C8 02 00 3E C8 C7 00 00 00 01 00 01 80 08 00 00
         00 00 00 04 80 08 00 00 00 09 00 23 80 22 00 00
         00 01 00 02 00 06 63 68 61 6C 6C 65 6E 67 65 20
         77 69 74 68 20 6E 6F 20 73 65 63 72 65 74
*Jan  9 00:31:51:  Tnl 51399 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 35, ns 1, nr 2

problem 
if have multi lac to LNS?this is a problem.scalability is very bad。 I have multi ERX AS LAC,how do?



CAN any body help me ?





                 
                 





                
              








= = = = = = = = = = = = = = = = = = = = 
        致
礼! 
                          zxd
                          zxd at chinahcn.com
                          2007-01-09
              
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-bba/attachments/20070109/75c79f9a/attachment-0001.html 


More information about the cisco-bba mailing list