[cisco-bba] Cisco as L2TP Access Concentrator (LAC)

Tue Mar 4 07:35:45 EST 2008

Rado,

you may want to go back to your LNS configuration, then add "vpdn
multihop" and put in your vpdn-group which initiates a tunnel (i.e. the
one you showed below). This should do what you want. The 7200 will
terminate the pppoe session, but once it receives the PPP authentication
request, "vpdn multihop" will trigger a search if the session is to be
forwarded or locally terminated. As the user domain matches, it will
forward it.

    oli

________________________________

From: cisco-bba-bounces at puck.nether.net
[mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Rado Vasilev
Sent: Tuesday, March 04, 2008 1:20 PM
To: cisco-bba at puck.nether.net
Subject: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)

Hi group,

I'm trying to configure a 7206VXR as a LAC (L2TP Access Concentrator)
without any success.

Here's my testlab setup - any view of what I might be doing wrong much
appreciated!

DSL modem configured with PPPoE and username rado at deckland.com is
connected to a Layer2 transparent DSLAM.

DSLAM port is mapped to vlan 5 which is terminated with a subinterface
on the 7206.

If I configure the router as LNS (vpdn group and virtual template
interface), the PPPoE session gets locally terminated

and I have connectivity to the modem. This basically proves the VLAN
connectivity from the DSLAM port to the Cisco router.

What my end goal is to use the device as LAC and not LNS. I have a
second router that's already configured as LNS and

this is where I want the PPP session terminated at.

[DSL modem] <-- dsl_line ---> [vlan_5 DSLAM dot1q_trunk] <--- uplink
---> [fa2/0.5 C7206VXR fa0/0] <--- IP ---> [LNS router]

Here's my configuration on the 7206:

------------------ 7206 conf -------------------

hostname lac

aaa new-model

aaa authentication login default local

aaa authentication ppp default local

aaa authorization network default local

vpdn enable

vpdn search-order domain dnis

vpdn-group 1

 request-dialin

  protocol l2tp

  domain deckland.com

 initiate-to ip 2.2.2.2

 no l2tp tunnel authentication

! 2.2.2.2 is the IP of the remote LNS server

interface FastEthernet2/0.5

 description PPPoE Test

 encapsulation dot1Q 5

 pppoe enable

 pppoe max-sessions 100

--------------------------------------------------

The above configuration basically tries to manually establish L2TP
tunnel to the remote LNS.

Debbuging while the modem tries to connect shows in the logs:

*Mar  4 02:49:33.531: PPPoE 0: I PADI L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

*Mar  4 02:49:33.531: PPPoE 0: No info L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

*Mar  4 02:49:41.531: PPPoE 0: I PADI L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

*Mar  4 02:49:41.531: PPPoE 0: No info L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

*Mar  4 02:49:57.535: PPPoE 0: I PADI L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

*Mar  4 02:49:57.535: PPPoE 0: No info L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

*Mar  4 02:49:59.531: PPPoE 0: I PADI L:ffff.ffff.ffff R:0002.cf65.e602
5 Fa2/0.5

It looks that Cisco doesn't want to respond on the incoming PADI
messages...

sh version

Cisco Internetwork Operating System Software

IOS (tm) 7200 Software (C7200-JK9S-M), Version 12.2(46a), RELEASE
SOFTWARE (fc1)

Compiled Thu 12-Jul-07 00:38 by pwade

Image text-base: 0x60008940, data-base: 0x617A4110

ROM: System Bootstrap, Version 12.0(19990210:195103) [12.0XE 105],
DEVELOPMENT SOFTWARE

BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(10)S, EARLY
DEPLOYMENT RELEASE SOFTWARE (fc1)

d-magneto-pe1 uptime is 18 hours, 45 minutes

System returned to ROM by reload at 08:04:11 UTC Mon Mar 3 2008

System image file is "slot1:c7200-jk9s-mz.122-46a.bin"

Any help appreciated!

Rado

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-bba/attachments/20080304/9ede08a8/attachment-0001.html 