[c-nsp] Need help with L2TPv3

Joe Freeman joe at netbyjoe.com
Thu May 22 14:03:19 EDT 2008 

Can you ping the loopbacks from the opposite router? There's nothing in
either config that indicates how traffic flows from one router to the other.


You said you're using an ethernet x-over to connect them, but surely it's
not on the ports on which you've setup xconn statements.

Each router must be able to see the other's loop0 ip address for this to
work.

Joe

On Thu, May 22, 2008 at 12:37 PM, Steven Pfister <SPfister at dps.k12.oh.us>
wrote:

> The configs are below.
>
> By the way... whenever I post to this list, I get replies both to me and to
> the list (so I get two copies). Is this intentional? Just curious...
>
> Thanks!
>
> --Steve
>
> ----------
> router 1
> ----------
>
> Current configuration : 1374 bytes
> !
> version 12.3
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname SanFran
> !
> boot-start-marker
> boot-end-marker
> !
> !
> no aaa new-model
> !
> resource policy
> !
> memory-size iomem 15
> ip subnet-zero
> !
> !
> ip cef
> no ip dhcp use vrf connected
> !
> !
> l2tp-class l2-dyn
>  password 7 15025C0600722C21
>  cookie size 8
> !
> pseudowire-class pw-dynamic
>  encapsulation l2tpv3
>  protocol l2tpv3 l2-dyn
>  ip local interface Loopback0
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> interface Loopback0
>  ip address 10.1.1.102 255.255.255.0
> !
> interface FastEthernet0/0
>  no ip address
>  duplex auto
>  speed auto
>  no cdp enable
> !
> interface FastEthernet0/0.200
>  encapsulation dot1Q 200
>  no snmp trap link-status
>  no cdp enable
>  xconnect 10.1.1.103 33 pw-class pw-dynamic
> !
> interface FastEthernet0/0.201
>  encapsulation dot1Q 201
>  no snmp trap link-status
>  no cdp enable
> !
> interface ATM2/0
>  no ip address
>  shutdown
>  no atm ilmi-keepalive
>  no scrambling-payload
> !
> interface ATM2/1
>  no ip address
>  shutdown
>  no atm ilmi-keepalive
>  no scrambling-payload
> !
> interface ATM2/2
>  no ip address
>  shutdown
>  no atm ilmi-keepalive
>  no scrambling-payload
> !
> interface ATM2/3
>  no ip address
>  shutdown
>  no atm ilmi-keepalive
>  no scrambling-payload
> !
> ip http server
> !
> ip classless
> !
> !
> no cdp run
> !
> !
> control-plane
> !
> !
> !
> !
> !
> !
> !
> !
> !
> line con 0
> line aux 0
> line vty 0 4
>  login
> !
> !
> end
>
> ----------
> router 2
> ----------
>
> Current configuration : 901 bytes
> !
> version 12.3
> service timestamps debug datetime msec
> service timestamps log datetime msec
> no service password-encryption
> !
> hostname NewYork
> !
> boot-start-marker
> boot-end-marker
> !
> !
> no aaa new-model
> !
> resource policy
> !
> memory-size iomem 15
> ip subnet-zero
> !
> !
> ip cef
> no ip dhcp use vrf connected
> !
> !
> l2tp-class l2-dyn
>  hostname NewYork
>  password 7 0616582B48160E1C
>  cookie size 8
> !
> pseudowire-class pw-dynamic
>  encapsulation l2tpv3
>  protocol l2tpv3 l2-dyn
>  ip local interface Loopback0
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> interface Loopback0
>  ip address 10.1.1.103 255.255.255.0
> !
> interface FastEthernet1/0
>  no ip address
>  duplex auto
>  speed auto
>  no cdp enable
> !
> interface FastEthernet1/0.201
>  encapsulation dot1Q 201
>  no cdp enable
>  xconnect 10.1.1.102 34 pw-class pw-dynamic
> !
> ip http server
> !
> ip classless
> !
> !
> no cdp run
> !
> !
> control-plane
> !
> !
> !
> !
> !
> !
> !
> !
> !
> line con 0
> line aux 0
> line vty 0 4
> !
> !
> end
>
> >>> "Fred Reimer" <freimer at ctiusa.com> 5/22/2008 12:21 PM >>>
> Yes, with 3845's, post your test config.
>
>
> Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
> Senior Network Engineer
> Coleman Technologies, Inc.
> 954-298-1697
>
>
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> > bounces at puck.nether.net] On Behalf Of Steven Pfister
> > Sent: Thursday, May 22, 2008 12:11 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] Need help with L2TPv3
> >
> > I'm trying to get L2TPv3 figured out to help with a project. I've got a
> > test network consisting of 2 3640s (which is what is going to be used
> > as the endpoints of the tunnels in the production network) connect by a
> > crossover cable. Even using sample configs from the cisco site, I can't
> > seem to keep the tunnel from going down after about a minutes. I think
> > it may be an authentication problem.
> >
> > Does anyone have a working L2TPv3 tunnel between two 3640s?
> >
> > Thank you!
> >
> > Steve Pfister
> > Technical Coordinator,
> > The Office of Information Technology
> > Dayton Public Schools
> > 115 S. Ludlow St.
> > Dayton, OH 45402
> >
> > Office (937) 542-3149
> > Cell (937) 673-6779
> > Direct Connect: 137*131747*8
> > Email spfister at dps.k12.oh.us
> >
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> Steve Pfister
> Technical Coordinator,
> The Office of Information Technology
> Dayton Public Schools
> 115 S. Ludlow St.
> Dayton, OH 45402
>
> Office (937) 542-3149
> Cell (937) 673-6779
> Direct Connect: 137*131747*8
> Email spfister at dps.k12.oh.us
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list