[cisco-bba] Cisco as L2TP Access Concentrator (LAC)

Tom Storey tom at snnap.net
Wed Mar 5 03:25:19 EST 2008 

Why does your LAC show the user as being connected via Virtual- 
interface 1?

Ideally a LAC would not show any terminated users, only forwarded  
sessions. In your case, it appears you have both.

In your virtual template, change "ip unnumbered Loopback1" to "no ip  
address" and add "no peer default ip address".

On 05/03/2008, at 1:55 AM, Rado Vasilev wrote:

> Hi Oliver,
>
> Thanks for your help - I got it working now!!!
>
> --- Minimal Cisco LAC configuration ---
>
> aaa new-model
> aaa authentication login default local
> aaa authentication ppp default local
>
>
> vpdn enable
> vpdn multihop
> !
> vpdn-group 1
> accept-dialin
>  protocol pppoe
>  virtual-template 1
> !
>
> vpdn-group 2
> request-dialin
>  protocol l2tp
>  domain deckland.com
> initiate-to ip 2.2.2.2
> local name deckland.com
> no l2tp tunnel authentication
> source-ip 1.1.1.1
>
> interface FastEthernet2/0.5
> description PPPoE Test
> encapsulation dot1Q 5
> pppoe enable
> pppoe max-sessions 100
>
>
> interface Virtual-Template1
> description PPPoE Test
> ip unnumbered Loopback1
> keepalive 30
> ppp authentication chap
>
> ----------------------------------------
>
> lac#sh vpdn tunnel
>
> L2TP Tunnel Information Total tunnels 1 sessions 1
>
> LocID RemID Remote Name   State  Remote Address  Port  Sessions
> 21754 33850 d-test-lns1    est    2.2.2.2     1701  1
>
> lac#sh users
>    Line       User       Host(s)              Idle       Location
> *  2 vty 0     admin      idle                 00:00:00 3.3.3.3
>
>  Interface      User        Mode                     Idle     Peer  
> Address
>  Vi1          rado at deckl Virtual PPP (PPPoE ) 00:00:00
>
> Regards,
> Rado
>
>
>
> -----Original Message-----
> From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
> Sent: 04 March 2008 14:04
> To: Rado Vasilev; cisco-bba at puck.nether.net
> Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>
> Rado Vasilev <mailto:rado at dev.magnet.ie> wrote on Tuesday, March 04,
> 2008 2:47 PM:
>
>> Hi Oliver,
>>
>> I added the global configuration command ``vpdn multihop'' but that
>> didn't help.
>> Did you mean to recommend some additional command(s) under the
>> vpdn-group too?
>
> Well, I meant to configure a pppoe vpdn-group (or bba-group, depending
> on version) and a virtual-template just as you did initially (you
> mentioned that you successfully terminated the pppoe sessions on the
> 7200). This is required to accept pppoe sessions. The "vpdn multihop"
> along with the addtl. vpdn-group will take care of L2TP forwarding.
> So the 7200 will act as LNS as well as LAC (sometimes referred to as
> "multihop LNS")..
>
> you might want to consider upgrading to 12.3M or 12.4M to get addtl.
> functionality for this type of application..
>
> 	oli
>
>
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.516 / Virus Database: 269.21.4/1309 - Release Date:  
> 03/03/2008
> 18:50
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba

More information about the cisco-bba mailing list