[cisco-bba] 7204vxr as LNS - provider is LAC

Nathan Downes nathandownes at hotmail.com
Fri Jul 31 18:48:55 EDT 2015 

Hi Wayne,

 

Thankyou we have progress!!! This shows how laziness causes problems later, when we setup the call termination service 3 years ago I had to specifically route 2 ranges through a private lan.

 

202.10.4.0/28

202.10.4.16/28

 

Stupid me decided to be lazy and do the below on our core switch the 7204vxr connects to save typing both out

 

ip route 202.10.4.0 255.255.255.0 10.239.238.121

 

turns out they use 202.10.4.128/25 for the LACs across all the states..

 

Fixed the above and I can at least ping it now :)

 

Sending 5, 100-byte ICMP Echos to 202.10.4.147, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

 

Tunnel wont attempts again until modem tries connecting to LAC, it slows down reattempts as time goes on, seeing if I can get it restarted.  We have progress!

 

 

From: Wayne Lee [mailto:linkconnect at googlemail.com] 
Sent: Friday, 31 July 2015 8:47 PM
To: Nathan Downes <nathandownes at hotmail.com>
Subject: Re: [cisco-bba] 7204vxr as LNS - provider is LAC

 

How are you getting back to 202.10.4.147

 

You will need a route back to the tunnel sources 

 

On 31 July 2015 at 11:38, Nathan Downes <nathandownes at hotmail.com <mailto:nathandownes at hotmail.com> > wrote:

Hi James,

I thought that solved it, I didn't have a source-ip set so I set source-ip
to .29 but it still appears to fail due to unreachable .28??

http://pastebin.com/h0cagDPk

>From what I gather I get the SCCRQ and for some reason a SCCRP is not making
it back, then tunnel is killed.




-----Original Message-----
From: cisco-bba [mailto:cisco-bba-bounces at puck.nether.net <mailto:cisco-bba-bounces at puck.nether.net> ] On Behalf Of
James Bensley
Sent: Friday, 31 July 2015 7:49 PM
To: cisco-bba at puck.nether.net <mailto:cisco-bba at puck.nether.net> 
Subject: Re: [cisco-bba] 7204vxr as LNS - provider is LAC

Hi Nathan,

Have you made a configruation mistake in your VPDN group maybe?
Perhaps you can share your config, that is always helpful.

You have this in your logs:


Jul 31 18:22:04.352: L2TP tnl   08060:________:     remote ip set to
202.10.4.147
Jul 31 18:22:04.352: L2TP tnl   08060:________:     local ip set to
203.111.114.28
...
Jul 31 18:22:04.352: L2TP tnl   08060:00003A1E:     local ip set to
203.111.114.29

Then this:

Jul 31 18:22:11.348: L2TP       _____:________: I StopCCN, flg TLS,
ver 2, len 75
...
Jul 31 18:22:11.352: L2TP       _____:________:        "203.111.114.28
is unreachable"
....
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E: Shutting down tunnel
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:   Result Code
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:     General error -
refer to error code
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:   Error Code
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:     Vendor specific
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:   Vendor Error
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:     Tunnel shut
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:   Optional Message
Jul 31 18:22:11.352: L2TP tnl   08060:00003A1E:     "203.111.114.28 is
unreachable"

Have you got a mismatch between you "source-ip" on the VPDN group and actual
interface IP?

Cheers,
James.
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net <mailto:cisco-bba at puck.nether.net> 
https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net <mailto:cisco-bba at puck.nether.net> 
https://puck.nether.net/mailman/listinfo/cisco-bba

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20150801/b5cb9dd5/attachment.html>

More information about the cisco-bba mailing list