[cisco-bba] Cisco as L2TP Access Concentrator (LAC)
Tom Storey
tom at snnap.net
Wed Mar 5 04:58:47 EST 2008
Interesting. As I said to Oli, I have never seen this in my
experience, even with older 12.2 IOS versions, though that was on 2600
series, not 7200 series as you are using.
Cheers,
Tom
On 05/03/2008, at 7:42 PM, Rado Vasilev wrote:
> I did - it appeared again:
>
> lac#sh users
> Line User Host(s) Idle Location
> * 2 vty 0 admin idle 00:00:00 4.4.4.4
>
> Interface User Mode Idle Peer
> Address
> Vi1 rado at deckl Virtual PPP (PPPoE ) 00:00:07
>
> lac#clear int vi1
>
> lac#sh users
> Line User Host(s) Idle Location
> * 2 vty 0 admin idle 00:00:00 4.4.4.4
>
> Interface User Mode Idle Peer
> Address
> Vi2 rado at deckl Virtual PPP (PPPoE ) 00:00:00
>
>
> Rado
>
> -----Original Message-----
> From: Tom Storey [mailto:tom at snnap.net]
> Sent: 05 March 2008 09:00
> To: Rado Vasilev
> Cc: 'Oliver Boehmer (oboehmer)'; cisco-bba at puck.nether.net
> Subject: Re: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>
> Did you happen to clear the existing session off, and let it re-
> establish?
>
> Didnt see you mention that. :-)
>
> Cheers,
> Tom
>
> On 05/03/2008, at 7:14 PM, Rado Vasilev wrote:
>
>> Oliver,
>>
>> You're right - I removed the two commands as Tom suggested but still
>> have
>> the virtual template cloned... which brings me to the question which
>> IOS/feature set should I use for my future LACs? I will be using
>> 7206 and
>> 7301s that already need IP Plus and MPLS features in addition to the
>> newer
>> BBA features.
>>
>>
>> Regards,
>> Rado
>>
>>
>> -----Original Message-----
>> From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
>> Sent: 05 March 2008 08:36
>> To: Tom Storey; Rado Vasilev
>> Cc: cisco-bba at puck.nether.net
>> Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>>
>> Tom,
>>
>> I guess this is due to the IOS version deployed on the box. 12.2
>> mainline doesn't have the newer infrastructure as in 12.2SB/
>> 12.3/12.4.
>> As we don't start IPCP, IP address or pool information are ignored
>> anyway..
>>
>> oli
>>
>>
>> Tom Storey <mailto:tom at snnap.net> wrote on Wednesday, March 05, 2008
>> 9:25 AM:
>>
>>> Why does your LAC show the user as being connected via Virtual-
>>> interface 1?
>>>
>>> Ideally a LAC would not show any terminated users, only forwarded
>>> sessions. In your case, it appears you have both.
>>>
>>> In your virtual template, change "ip unnumbered Loopback1" to "no ip
>>> address" and add "no peer default ip address".
>>>
>>> On 05/03/2008, at 1:55 AM, Rado Vasilev wrote:
>>>
>>>> Hi Oliver,
>>>>
>>>> Thanks for your help - I got it working now!!!
>>>>
>>>> --- Minimal Cisco LAC configuration ---
>>>>
>>>> aaa new-model
>>>> aaa authentication login default local
>>>> aaa authentication ppp default local
>>>>
>>>>
>>>> vpdn enable
>>>> vpdn multihop
>>>> !
>>>> vpdn-group 1
>>>> accept-dialin
>>>> protocol pppoe
>>>> virtual-template 1
>>>> !
>>>>
>>>> vpdn-group 2
>>>> request-dialin
>>>> protocol l2tp
>>>> domain deckland.com
>>>> initiate-to ip 2.2.2.2
>>>> local name deckland.com
>>>> no l2tp tunnel authentication
>>>> source-ip 1.1.1.1
>>>>
>>>> interface FastEthernet2/0.5
>>>> description PPPoE Test
>>>> encapsulation dot1Q 5
>>>> pppoe enable
>>>> pppoe max-sessions 100
>>>>
>>>>
>>>> interface Virtual-Template1
>>>> description PPPoE Test
>>>> ip unnumbered Loopback1
>>>> keepalive 30
>>>> ppp authentication chap
>>>>
>>>> ----------------------------------------
>>>>
>>>> lac#sh vpdn tunnel
>>>>
>>>> L2TP Tunnel Information Total tunnels 1 sessions 1
>>>>
>>>> LocID RemID Remote Name State Remote Address Port Sessions
>>>> 21754 33850 d-test-lns1 est 2.2.2.2 1701 1
>>>>
>>>> lac#sh users
>>>> Line User Host(s) Idle Location
>>>> * 2 vty 0 admin idle 00:00:00 3.3.3.3
>>>>
>>>> Interface User Mode Idle Peer
>>>> Address Vi1 rado at deckl Virtual PPP (PPPoE ) 00:00:00
>>>>
>>>> Regards,
>>>> Rado
>>>>
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com]
>>>> Sent: 04 March 2008 14:04
>>>> To: Rado Vasilev; cisco-bba at puck.nether.net
>>>> Subject: RE: [cisco-bba] Cisco as L2TP Access Concentrator (LAC)
>>>>
>>>> Rado Vasilev <mailto:rado at dev.magnet.ie> wrote on Tuesday, March
>>>> 04,
>>>> 2008 2:47 PM:
>>>>
>>>>> Hi Oliver,
>>>>>
>>>>> I added the global configuration command ``vpdn multihop'' but
>>>>> that
>>>>> didn't help. Did you mean to recommend some additional command(s)
>>>>> under the vpdn-group too?
>>>>
>>>> Well, I meant to configure a pppoe vpdn-group (or bba-group,
>>>> depending on version) and a virtual-template just as you did
>>>> initially (you mentioned that you successfully terminated the pppoe
>>>> sessions on the 7200). This is required to accept pppoe sessions.
>>>> The "vpdn multihop" along with the addtl. vpdn-group will take care
>>>> of L2TP forwarding. So the 7200 will act as LNS as well as LAC
>>>> (sometimes referred to as "multihop LNS")..
>>>>
>>>> you might want to consider upgrading to 12.3M or 12.4M to get
>>>> addtl.
>>>> functionality for this type of application..
>>>>
>>>> oli
>>>>
>>>>
>>>>
>>>> No virus found in this incoming message.
>>>> Checked by AVG Free Edition.
>>>> Version: 7.5.516 / Virus Database: 269.21.4/1309 - Release Date:
>>>> 03/03/2008 18:50
>>>>
>>>>
>>>> _______________________________________________
>>>> cisco-bba mailing list
>>>> cisco-bba at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.21.4/1312 - Release Date:
>> 04/03/2008
>> 21:46
>>
>>
>
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.516 / Virus Database: 269.21.4/1312 - Release Date:
> 04/03/2008
> 21:46
>
>
More information about the cisco-bba
mailing list