[cisco-nas] client-initiated l2tp tunnel

Félix Izquierdo fizquierdo at l3consulting.com
Tue Feb 8 10:22:30 EST 2005


I remember that it was a problem in the first releases when the feature 
was introduced with auth direction. The workaround was to force the 
whished direction with "ppp direction".

You can check it with "debug ppp authentication".


Félix



Jaco Engelbrecht wrote:
> hi,
> 
> we are trying to setup an l2tp tunnel up from an cisco 837 adsl router to an lns.
> 
> we are able to establish the tunnel, the session however will not get established.  i've attached the c837's config (you'll see very basic - still testing).
> 
> we've tried using chap/pap with local auth and radius - the problem seems to be with the ppp auth.  could anyone advise of any known problems when using this feature?  google and cco has limited information.
> 
> thanks in advance
> 
> -jaco
> 
> --
> Current configuration : 1904 bytes
> !
> version 12.3
> no service pad
> service timestamps debug datetime msec
> service timestamps log datetime msec
> service password-encryption
> !
> hostname dsl-ce
> !
> memory-size iomem 5
> enable secret 5 $1$x7yn$hE1YnaYv2nQ2mnT2x2fk6.
> !
> no aaa new-model
> ip subnet-zero
> ip telnet source-interface Ethernet0
> no ip domain lookup
> !
> !
> ip cef
> ip cef accounting per-prefix 
> ip audit notify log
> ip audit po max-events 100
> l2tp-class l2tpclass1
> !
> pseudowire-class pwclass1
>  encapsulation l2tpv2
>  ip local interface ATM0.1
> !
> no ftp-server write-enable
> !
> interface Loopback1
>  no ip address
> !
> interface Ethernet0
>  ip address 172.20.8.17 255.255.255.248
>  no cdp enable
>  hold-queue 100 out
> !
> interface ATM0
>  no ip address
>  load-interval 30
>  no atm ilmi-keepalive
>  dsl operating-mode auto
> !
> interface ATM0.1 point-to-point
>  pvc 8/35 
>   pppoe-client dial-pool-number 1
>  !
> !
> interface FastEthernet1
>  no ip address
>  duplex auto
>  speed auto
> !
> interface FastEthernet2
>  no ip address
>  duplex auto
>  speed auto
> !
> interface FastEthernet3
>  no ip address
>  duplex auto
>  speed auto
> !
> interface FastEthernet4
>  no ip address
>  duplex auto
>  speed auto
> !
> interface Virtual-PPP1
>  ip unnumbered Ethernet0
>  no cdp enable
>  ppp authentication chap
>  ppp chap hostname clns1-rba
>  ppp chap password 7 131112011F050A2D
>  pseudowire 10.10.208.137 10 pw-class pwclass1
> !
> interface Dialer0
>  ip address negotiated
>  no ip redirects
>  encapsulation ppp
>  ip route-cache flow
>  load-interval 30
>  dialer pool 1
>  dialer-group 1
>  ppp authentication pap callin
>  ppp pap sent-username bje at chiefjanitor.com password 0 mypassword
> !
> ip classless
> ip route 0.0.0.0 0.0.0.0 Dialer0
> ip route 192.168.198.0 255.255.255.0 Virtual-PPP1
> !
> no ip http server
> no ip http secure-server
> !
> !
> line con 0
>  exec-timeout 120 0
>  no modem enable
>  stopbits 1
> line aux 0
> line vty 0 4
>  exec-timeout 120 0
>  password 7 0507070D
>  login local
>  length 0
> !
> scheduler max-task-time 5000
> !
> end
> --
> 
> 





More information about the cisco-nas mailing list