[cisco-bba] Cisco as L2TP Access Concentrator (LAC)
Rado Vasilev
rado at dev.magnet.ie
Wed Mar 5 03:44:11 EST 2008
Oliver,
You're right - I removed the two commands as Tom suggested but still have
the virtual template cloned... which brings me to the question which
IOS/feature set should I use for my future LACs? I will be using 7206 and
7301s that already need IP Plus and MPLS features in addition to the newer
BBA features.
Regards,
Rado
-----Original Message-----
From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
Sent: 05 March 2008 08:36
To: Tom Storey; Rado Vasilev
Cc: cisco-bba at puck.nether.net
Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
Tom,
I guess this is due to the IOS version deployed on the box. 12.2
mainline doesn't have the newer infrastructure as in 12.2SB/12.3/12.4.
As we don't start IPCP, IP address or pool information are ignored
anyway..
oli
Tom Storey <mailto:tom at snnap.net> wrote on Wednesday, March 05, 2008
9:25 AM:
> Why does your LAC show the user as being connected via Virtual-
> interface 1?
>
> Ideally a LAC would not show any terminated users, only forwarded
> sessions. In your case, it appears you have both.
>
> In your virtual template, change "ip unnumbered Loopback1" to "no ip
> address" and add "no peer default ip address".
>
> On 05/03/2008, at 1:55 AM, Rado Vasilev wrote:
>
>> Hi Oliver,
>>
>> Thanks for your help - I got it working now!!!
>>
>> --- Minimal Cisco LAC configuration ---
>>
>> aaa new-model
>> aaa authentication login default local
>> aaa authentication ppp default local
>>
>>
>> vpdn enable
>> vpdn multihop
>> !
>> vpdn-group 1
>> accept-dialin
>> protocol pppoe
>> virtual-template 1
>> !
>>
>> vpdn-group 2
>> request-dialin
>> protocol l2tp
>> domain deckland.com
>> initiate-to ip 2.2.2.2
>> local name deckland.com
>> no l2tp tunnel authentication
>> source-ip 1.1.1.1
>>
>> interface FastEthernet2/0.5
>> description PPPoE Test
>> encapsulation dot1Q 5
>> pppoe enable
>> pppoe max-sessions 100
>>
>>
>> interface Virtual-Template1
>> description PPPoE Test
>> ip unnumbered Loopback1
>> keepalive 30
>> ppp authentication chap
>>
>> ----------------------------------------
>>
>> lac#sh vpdn tunnel
>>
>> L2TP Tunnel Information Total tunnels 1 sessions 1
>>
>> LocID RemID Remote Name State Remote Address Port Sessions
>> 21754 33850 d-test-lns1 est 2.2.2.2 1701 1
>>
>> lac#sh users
>> Line User Host(s) Idle Location
>> * 2 vty 0 admin idle 00:00:00 3.3.3.3
>>
>> Interface User Mode Idle Peer
>> Address Vi1 rado at deckl Virtual PPP (PPPoE ) 00:00:00
>>
>> Regards,
>> Rado
>>
>>
>>
>> -----Original Message-----
>> From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
>> Sent: 04 March 2008 14:04
>> To: Rado Vasilev; cisco-bba at puck.nether.net
>> Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>>
>> Rado Vasilev <mailto:rado at dev.magnet.ie> wrote on Tuesday, March 04,
>> 2008 2:47 PM:
>>
>>> Hi Oliver,
>>>
>>> I added the global configuration command ``vpdn multihop'' but that
>>> didn't help. Did you mean to recommend some additional command(s)
>>> under the vpdn-group too?
>>
>> Well, I meant to configure a pppoe vpdn-group (or bba-group,
>> depending on version) and a virtual-template just as you did
>> initially (you mentioned that you successfully terminated the pppoe
>> sessions on the 7200). This is required to accept pppoe sessions.
>> The "vpdn multihop" along with the addtl. vpdn-group will take care
>> of L2TP forwarding. So the 7200 will act as LNS as well as LAC
>> (sometimes referred to as "multihop LNS")..
>>
>> you might want to consider upgrading to 12.3M or 12.4M to get addtl.
>> functionality for this type of application..
>>
>> oli
>>
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.21.4/1309 - Release Date:
>> 03/03/2008 18:50
>>
>>
>> _______________________________________________
>> cisco-bba mailing list
>> cisco-bba at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-bba
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.21.4/1312 - Release Date: 04/03/2008
21:46
More information about the cisco-bba
mailing list