[cisco-bba] Cisco as L2TP Access Concentrator (LAC)
rado at dev.magnet.ie
Wed Mar 5 03:44:11 EST 2008
You're right - I removed the two commands as Tom suggested but still have
the virtual template cloned... which brings me to the question which
IOS/feature set should I use for my future LACs? I will be using 7206 and
7301s that already need IP Plus and MPLS features in addition to the newer
From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
Sent: 05 March 2008 08:36
To: Tom Storey; Rado Vasilev
Cc: cisco-bba at puck.nether.net
Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
I guess this is due to the IOS version deployed on the box. 12.2
mainline doesn't have the newer infrastructure as in 12.2SB/12.3/12.4.
As we don't start IPCP, IP address or pool information are ignored
Tom Storey <mailto:tom at snnap.net> wrote on Wednesday, March 05, 2008
> Why does your LAC show the user as being connected via Virtual-
> interface 1?
> Ideally a LAC would not show any terminated users, only forwarded
> sessions. In your case, it appears you have both.
> In your virtual template, change "ip unnumbered Loopback1" to "no ip
> address" and add "no peer default ip address".
> On 05/03/2008, at 1:55 AM, Rado Vasilev wrote:
>> Hi Oliver,
>> Thanks for your help - I got it working now!!!
>> --- Minimal Cisco LAC configuration ---
>> aaa new-model
>> aaa authentication login default local
>> aaa authentication ppp default local
>> vpdn enable
>> vpdn multihop
>> vpdn-group 1
>> protocol pppoe
>> virtual-template 1
>> vpdn-group 2
>> protocol l2tp
>> domain deckland.com
>> initiate-to ip 188.8.131.52
>> local name deckland.com
>> no l2tp tunnel authentication
>> source-ip 184.108.40.206
>> interface FastEthernet2/0.5
>> description PPPoE Test
>> encapsulation dot1Q 5
>> pppoe enable
>> pppoe max-sessions 100
>> interface Virtual-Template1
>> description PPPoE Test
>> ip unnumbered Loopback1
>> keepalive 30
>> ppp authentication chap
>> lac#sh vpdn tunnel
>> L2TP Tunnel Information Total tunnels 1 sessions 1
>> LocID RemID Remote Name State Remote Address Port Sessions
>> 21754 33850 d-test-lns1 est 220.127.116.11 1701 1
>> lac#sh users
>> Line User Host(s) Idle Location
>> * 2 vty 0 admin idle 00:00:00 18.104.22.168
>> Interface User Mode Idle Peer
>> Address Vi1 rado at deckl Virtual PPP (PPPoE ) 00:00:00
>> -----Original Message-----
>> From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
>> Sent: 04 March 2008 14:04
>> To: Rado Vasilev; cisco-bba at puck.nether.net
>> Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>> Rado Vasilev <mailto:rado at dev.magnet.ie> wrote on Tuesday, March 04,
>> 2008 2:47 PM:
>>> Hi Oliver,
>>> I added the global configuration command ``vpdn multihop'' but that
>>> didn't help. Did you mean to recommend some additional command(s)
>>> under the vpdn-group too?
>> Well, I meant to configure a pppoe vpdn-group (or bba-group,
>> depending on version) and a virtual-template just as you did
>> initially (you mentioned that you successfully terminated the pppoe
>> sessions on the 7200). This is required to accept pppoe sessions.
>> The "vpdn multihop" along with the addtl. vpdn-group will take care
>> of L2TP forwarding. So the 7200 will act as LNS as well as LAC
>> (sometimes referred to as "multihop LNS")..
>> you might want to consider upgrading to 12.3M or 12.4M to get addtl.
>> functionality for this type of application..
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.21.4/1309 - Release Date:
>> 03/03/2008 18:50
>> cisco-bba mailing list
>> cisco-bba at puck.nether.net
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.21.4/1312 - Release Date: 04/03/2008
More information about the cisco-bba