[cisco-bba] Cisco as L2TP Access Concentrator (LAC)
Tom Storey
tom at snnap.net
Wed Mar 5 03:25:19 EST 2008
Why does your LAC show the user as being connected via Virtual-
interface 1?
Ideally a LAC would not show any terminated users, only forwarded
sessions. In your case, it appears you have both.
In your virtual template, change "ip unnumbered Loopback1" to "no ip
address" and add "no peer default ip address".
On 05/03/2008, at 1:55 AM, Rado Vasilev wrote:
> Hi Oliver,
>
> Thanks for your help - I got it working now!!!
>
> --- Minimal Cisco LAC configuration ---
>
> aaa new-model
> aaa authentication login default local
> aaa authentication ppp default local
>
>
> vpdn enable
> vpdn multihop
> !
> vpdn-group 1
> accept-dialin
> protocol pppoe
> virtual-template 1
> !
>
> vpdn-group 2
> request-dialin
> protocol l2tp
> domain deckland.com
> initiate-to ip 2.2.2.2
> local name deckland.com
> no l2tp tunnel authentication
> source-ip 1.1.1.1
>
> interface FastEthernet2/0.5
> description PPPoE Test
> encapsulation dot1Q 5
> pppoe enable
> pppoe max-sessions 100
>
>
> interface Virtual-Template1
> description PPPoE Test
> ip unnumbered Loopback1
> keepalive 30
> ppp authentication chap
>
> ----------------------------------------
>
> lac#sh vpdn tunnel
>
> L2TP Tunnel Information Total tunnels 1 sessions 1
>
> LocID RemID Remote Name State Remote Address Port Sessions
> 21754 33850 d-test-lns1 est 2.2.2.2 1701 1
>
> lac#sh users
> Line User Host(s) Idle Location
> * 2 vty 0 admin idle 00:00:00 3.3.3.3
>
> Interface User Mode Idle Peer
> Address
> Vi1 rado at deckl Virtual PPP (PPPoE ) 00:00:00
>
> Regards,
> Rado
>
>
>
> -----Original Message-----
> From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
> Sent: 04 March 2008 14:04
> To: Rado Vasilev; cisco-bba at puck.nether.net
> Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>
> Rado Vasilev <mailto:rado at dev.magnet.ie> wrote on Tuesday, March 04,
> 2008 2:47 PM:
>
>> Hi Oliver,
>>
>> I added the global configuration command ``vpdn multihop'' but that
>> didn't help.
>> Did you mean to recommend some additional command(s) under the
>> vpdn-group too?
>
> Well, I meant to configure a pppoe vpdn-group (or bba-group, depending
> on version) and a virtual-template just as you did initially (you
> mentioned that you successfully terminated the pppoe sessions on the
> 7200). This is required to accept pppoe sessions. The "vpdn multihop"
> along with the addtl. vpdn-group will take care of L2TP forwarding.
> So the 7200 will act as LNS as well as LAC (sometimes referred to as
> "multihop LNS")..
>
> you might want to consider upgrading to 12.3M or 12.4M to get addtl.
> functionality for this type of application..
>
> oli
>
>
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.516 / Virus Database: 269.21.4/1309 - Release Date:
> 03/03/2008
> 18:50
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
More information about the cisco-bba
mailing list