[cisco-bba] Fw: l2tp problem
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Tue Jan 9 02:19:59 EST 2007
Hi,
I can't tell why the ERX doesn't build a tunnel when you use a "Default VPDN Group" (i.e. without any "terminate-from hostname" statement in it). But if it works with a hostname, and you need to use more than one LAC, try configuring a generic name (like "ERX-LAC" or something like this) as local name on the ERX (using the "client-name" command) and reference the same name on the LNS' "terminate-from hostname")..
oli
cisco-bba-bounces at puck.nether.net <> wrote on Tuesday, January 09, 2007 2:31 AM:
> hello!
>
>
> i have a l2tp problem about juniper erx and cisco 7401.
>
>
> radius
> |
> |
> pppoe client----LAC(erx)----LNS(cisco7401)
>
> only CISCO7401 configure command terminate-from
> hostname LAC,the tunnel created。
> if have multi lac to LNS?this is a problem.scalability
> is very bad。
>
> ERX use default configuration.no any specific configuration.
>
> CISCO configuration example
>
> vpdn-group zju.com!ZJ
> accept-dialin
> protocol l2tp
> virtual-template 2
> lcp renegotiation always
> no l2tp tunnel authentication
> l2tp tunnel password 0 cisco
> ip precedence immediate
>
> the configuration result in the tunnelcan't created.if use
> vpdn-group zju.com!ZJ accept-dialin
> protocol l2tp
> virtual-template 2
> terminate-from hostname HZCNC-100-BRAS-01
> lcp renegotiation always
> no l2tp tunnel authentication
> l2tp tunnel password 0 cisco
> ip precedence immediate
>
> the tunnel can created.
>
> debug information
>
> ERX
>
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (): Authenticate configuration
> data: tag = 0, type = 1, transport = ipUdp, routerId = Router
> 0x80000001, address =
> 58.100.228.66, tName = default, tSecret = ,
> tLocalHostName = HZCNC-100-BRAS-01,
> tPeerHostName = HZCNC-88-BRAS-02, tLocalAddress = 58.100.228.16
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Update IP transport config:
> local address = 58.100.228.16, remote address = 58.100.228.66
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = message, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = protocolVersion, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = hostName, length = 23, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = framingCapabilities, length = 10, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = assignedTunnelId, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = receiveWindowSize, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = firmwareRevision, length = 8, flags = ‾M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = vendorName, length = 28, flags = ‾M ‾H
> NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Changing mibState from
> idle to connecting
> NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (15000024,*):
> Changing effective
> adminState from disabled to enabled
> INFO 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Processing incoming
> in-sequence sccrp from vr default, remote address
> 58.100.228.66 -
> controlHeader.Ns = 0
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = message, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = protocolVersion, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = firmwareRevision, length = 8, flags = ‾M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = hostName, length = 22, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = vendorName, length = 25, flags = ‾M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = receiveWindowSize, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = challenge, length = 22, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = assignedTunnelId, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = framingCapabilities, length = 10, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = bearerCapabilities, length = 10, flags = M ‾H
> ERROR 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Configuration
> error processing incoming sccrp from vr default, remote
> address 58.100.228.66 -
> challenge with no local secret
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = message, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = assignedTunnelId, length = 8, flags = M ‾H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = resultCode, length = 34, flags = M ‾H
> NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (): No more configuration
> records NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Changing mibState from
> connecting to disconnecting
>
> CISCO:
>
> an 9 00:31:51: Tnl 51399 L2TP: Control channel
> retransmit delay set to 1 seconds
> *Jan 9 00:31:51: Tnl 51399 L2TP: Tunnel state change
> from idle to wait-ctl-reply
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 0, len 8,
> flag 0x8000 (M)
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse StopCCN
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 9, len 8,
> flag 0x8000 (M)
> *Jan 9 00:31:51: Tnl 51399 L2TP: Assigned Tunnel ID 35
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 1, len 34, flag 0x8000
> (M)
> *Jan 9 00:31:51: L2X: Result code(2): 2: General error - refer to
> error code
> *Jan 9 00:31:51: Error code(6): Vendor specific
> *Jan 9 00:31:51: Optional msg: challenge with no secret
> *Jan 9 00:31:51: Tnl 51399 L2TP: No missing AVPs in StopCCN
> *Jan 9 00:31:51: Tnl 51399 L2TP: I StopCCN, flg TLS,
> ver 2, len 62, tnl 51399, ns 1, nr 1
> contiguous pak, size 62
> C8 02 00 3E C8 C7 00 00 00 01 00 01 80 08 00 00
> 00 00 00 04 80 08 00 00 00 09 00 23 80 22 00 00
> 00 01 00 02 00 06 63 68 61 6C 6C 65 6E 67 65 20
> 77 69 74 68 20 6E 6F 20 73 65 63 72 65 74
> *Jan 9 00:31:51: Tnl 51399 L2TP: O ZLB ctrl ack, flg
> TLS, ver 2, len 12, tnl 35, ns 1, nr 2
>
> problem
> if have multi lac to LNS?this is a problem.scalability
> is very bad。 I have multi ERX AS LAC,how do?
>
>
>
> CAN any body help me ?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> = = = = = = = = = = = = = = = = = = = =
> 致
> 礼!
> zxd
> zxd at chinahcn.com
> 2007-01-09
More information about the cisco-bba
mailing list