[c-nsp] PPPoe Server and Forwarding on Cisco ASR1001X

Olivier CALVANO o.calvano at gmail.com
Fri Aug 28 11:33:39 EDT 2020 

i understand ;=) i don't have put AAA Radius on the virtual template

sorry


Le ven. 28 août 2020 à 16:59, Olivier CALVANO <o.calvano at gmail.com> a
écrit :

> Hi
>
>  i want use a Cisco ASR1001X for PPPoE connexion and forwarding the l2tp
>
>
> aaa new-model
>
> aaa group server radius radius-local
>  server-private 192.168.168.1 auth-port 1812 acct-port 1813 key xxx
>  ip radius source-interface Loopback0
> !
> aaa authentication ppp ppp-radius group radius-local
> aaa authorization network network-radius group radius-local
> aaa session-id common
>
> vpdn enable
> vpdn multihop
> vpdn authen-before-forward
> vpdn logging
> vpdn logging local
> vpdn logging user
> vpdn logging tunnel-drop
> vpdn history failure table-size 50
> !
> vpdn-group Network-Collect
>  accept-dialin
>   protocol l2tp
>   virtual-template 1
>  lcp renegotiation always
>  no l2tp tunnel authentication
>  ip mtu adjust
>  relay pppoe bba-group Network-Collect-BBA
>
> bba-group pppoe Network-Collect-BBA
>  virtual-template 1
>  sessions per-vc limit 2
>  sessions per-mac limit 1
>
> interface Port-channel10
>  no ip address
>  pppoe enable group Network-Collect-BBA
>  lacp max-bundle 3
>
> interface Virtual-Template1
>  ip unnumbered Loopback0
>  no ip redirects
>  no ip unreachables
>  no ip proxy-arp
>  no logging event link-status
>  no peer default ip address
>  no snmp trap link-status
>  no keepalive
>  ppp authentication pap chap callin
>
> In logs, i see the request of the 877 routers:
>
> Aug 28 14:53:38.532: PPPoE 0: I PADI  R:0017.5997.529e L:ffff.ffff.ffff
> 820 Po10.820
> Aug 28 14:53:38.532:  Service tag: NULL Tag
> Aug 28 14:53:38.532: PPPoE 0: O PADO, R:80e0.1d7c.b049 L:0017.5997.529e
> 820 Po10.820
> Aug 28 14:53:38.532:  Service tag: NULL Tag
> Aug 28 14:53:40.580: PPPoE 0: I PADR  R:0017.5997.529e L:80e0.1d7c.b049
> 820 Po10.820
> Aug 28 14:53:40.580:  Service tag: NULL Tag
> Aug 28 14:53:40.580: PPPoE : encap string prepared
> Aug 28 14:53:40.580: [136]PPPoE 136: Access IE handle allocated
> Aug 28 14:53:40.580: [136]PPPoE 136: AAA get retrieved attrs
> Aug 28 14:53:40.580: [136]PPPoE 136: AAA get nas port details
> Aug 28 14:53:40.580: [136]PPPoE 136: Error adjusting nas port format did
> Aug 28 14:53:40.580: dyn_attrs->xmit_rate: 1410065408 dyn_attrs->rcv_rate:
> 1410065408
> Aug 28 14:53:40.580: [136]PPPoE 136: AAA get dynamic attrs
> Aug 28 14:53:40.580: [136]PPPoE 136: AAA unique ID 94 allocated
> Aug 28 14:53:40.580: [136]PPPoE 136: No AAA accounting method list
> Aug 28 14:53:40.580: [136]PPPoE 136: Service request sent to SSS
> Aug 28 14:53:40.580: [136]PPPoE 136: Created, Service: None
> R:80e0.1d7c.b049 L:0017.5997.529e 820 Po10.820
> Aug 28 14:53:40.581: [136]PPPoE 136: State NAS_PORT_POLICY_INQUIRY
>  Event SSS MORE KEYS
> Aug 28 14:53:40.581: [136]PPPoE 136: data path set to PPP
> Aug 28 14:53:40.581: [136]PPPoE 136: Segment (SSS class): PROVISION
> Aug 28 14:53:40.581: [136]PPPoE 136: State PROVISION_PPP    Event SSM
> PROVISIONED
> Aug 28 14:53:40.581: [136]PPPoE 136: O PADS  R:0017.5997.529e
> L:80e0.1d7c.b049 Po10.820
> Aug 28 14:53:40.581: [136]PPPoE 136 <Po10.820:820>: Unable to add line
> attributes from ANCP
> Aug 28 14:53:40.581: [136]PPPoE 136: Unable to Add ANCP Line attributes to
> the PPPoE Authen attributes
> Aug 28 14:53:40.762: [136]PPPoE 136: State LCP_NEGOTIATION    Event PPP
> DISCONNECT
> Aug 28 14:53:40.762: [136]PPPoE 136: O PADT  R:0017.5997.529e
> L:80e0.1d7c.b049 Po10.820
> Aug 28 14:53:40.762: [136]PPPoE 136: Destroying  R:0017.5997.529e
> L:80e0.1d7c.b049 820 Po10.820
> Aug 28 14:53:40.762: dyn_attrs->xmit_rate: 1410065408 dyn_attrs->rcv_rate:
> 1410065408
> Aug 28 14:53:40.762: [136]PPPoE 136: AAA get dynamic attrs
> Aug 28 14:53:40.762: [136]PPPoE 136: AAA account stopped
> Aug 28 14:53:40.763: [136]PPPoE 136: Segment (SSS class): UNPROVISION
> Aug 28 14:53:40.794: PPPoE 136: I PADT  R:0017.5997.529e L:80e0.1d7c.b049
> 820 Po10.820
>
>
>
> but the router don't request information to radius server and stop pppoe
> process
>
>
> anyone have a idea of my error ?
>
> thanks
> olivier
>
>

More information about the cisco-nsp mailing list