[j-nsp] M7i as LNS

Matthias Gelbhardt matthias at commy.de
Thu Apr 2 07:03:31 EDT 2009 

Hi!

At the moment I am trying to get a M7i as LNS working to terminate DSL  
lines. At the moment it seems, that the tunnel is trying to build, but  
could not be established, due to a dead tunnel 6 pic. I understand,  
that I have one of these, but do I have to switch it alive somehow?

the logs:

Apr  2 12:59:55 jnp_l2tp_fsm_tr_wait: New packet from  
213.148.133.62:1701: 139 bytes
Apr  2 12:59:55 jnp_l2tp_avp_decode_message_type: Message Type SCCRQ (1)
Apr  2 12:59:55 jnp_l2tp_avp_decode_protocol_version: Protocol Version  
1.0
Apr  2 12:59:55 jnp_l2tp_avp_decode_firmware_revision: Firmware  
Revision 0x1130
Apr  2 12:59:55 jnp_l2tp_avp_decode_host_name: Host Name: QSC_DLR2
Apr  2 12:59:55 jnp_l2tp_avp_decode_vendor_name: Vendor Name: Cisco  
Systems, Inc.
Apr  2 12:59:55 jnp_l2tp_avp_decode_receive_window_size: Limiting  
receive window size to configured maximum: 32 vs requested 20050
Apr  2 12:59:55 jnp_l2tp_avp_decode_receive_window_size: Receive  
Window Size 32
Apr  2 12:59:55 jnp_l2tp_avp_decode_challenge: Challenge:
Apr  2 12:59:55 00000000: 13cd 6460 e212 e119 d19f ff42 c428  
507e  ..d`.......B.(P~
Apr  2 12:59:55 jnp_l2tp_avp_decode_assigned_tunnel_id: Assigned  
Tunnel ID 15766
Apr  2 12:59:55 jnp_l2tp_avp_decode_framing_capabilities: Framing  
Capabilities 0x00000000
Apr  2 12:59:55 jnp_l2tp_avp_decode_bearer_capabilities: Bearer  
Capabilities 0x00000000
Apr  2 12:59:55 jnp_l2tp_decode_packet: Unrecognized AVP: vendor_id=9,  
attribute_type=110, reserved_set=0, mandatory=0
Apr  2 12:59:55 jnp_l2tp_tunnel_id_alloc: Allocated Tunnel ID 41230
Apr  2 12:59:55 Tnl 41230 L2TP: I tunnel from QSC_DLR2  
213.148.133.62:1701 local x.x.x.x:1701
Apr  2 12:59:55 Tnl 41230 L2TP: tunnel_info max_sessions_per_tunnel =   
0 local_chap = 0, lcp_renegotiaton = 0, auth_order  LOCAL
Apr  2 12:59:55 Tnl 41230 L2TP: I tunnel pic 6 not alive
Apr  2 12:59:55 jnp_l2tp_fsm_cc_responder_reject_new: New control  
connection establishment rejected
Apr  2 12:59:55 Tnl 41230 L2TP: Open failed
Apr  2 12:59:55 Tnl 41230 L2TP: result 4 error 0)
Apr  2 12:59:55 jnp_l2tp_tunnel_terminated: Cancel hello timer for 41230
Apr  2 12:59:55 jnp_l2tp_tunnel_terminated: cancel no session timer  
for 41230
Apr  2 12:59:55 jnp_l2tp_fsm_tr_wait: Freeing tunnel 41230
Apr  2 12:59:55 jnp_l2tp_fsm_tr_wait: Cancel all timers for 41230
Apr  2 12:59:59 jnp_l2tp_fsm_tr_wait: New packet from  
213.148.133.62:1701: 66 bytes
Apr  2 12:59:59 jnp_l2tp_avp_decode_message_type: Message Type StopCCN  
(4)
Apr  2 12:59:59 jnp_l2tp_avp_decode_result_code: Result Code `General  
error - A generic vendor-specific error occurred in the LAC' (2 6)
Apr  2 12:59:59 jnp_l2tp_avp_decode_result_code: Error Message: Too  
many retransmits
Apr  2 12:59:59 jnp_l2tp_decode_packet: Unrecognized AVP: vendor_id=9,  
attribute_type=105, reserved_set=0, mandatory=0
Apr  2 12:59:59 jnp_l2tp_avp_decode_assigned_tunnel_id: Assigned  
Tunnel ID 15766
Apr  2 13:00:03 jnp_l2tp_fsm_tr_wait: New packet from  
213.148.133.62:1701: 66 bytes
Apr  2 13:00:03 jnp_l2tp_avp_decode_message_type: Message Type StopCCN  
(4)
Apr  2 13:00:03 jnp_l2tp_avp_decode_result_code: Result Code `General  
error - A generic vendor-specific error occurred in the LAC' (2 6)
Apr  2 13:00:03 jnp_l2tp_avp_decode_result_code: Error Message: Too  
many retransmits
Apr  2 13:00:03 jnp_l2tp_decode_packet: Unrecognized AVP: vendor_id=9,  
attribute_type=105, reserved_set=0, mandatory=0
Apr  2 13:00:03 jnp_l2tp_avp_decode_assigned_tunnel_id: Assigned  
Tunnel ID 15766


the config:

    sp-1/2/0 {
        unit 0 {
            family inet;
        }
        unit 1 {
            dial-options {
                l2tp-interface-id lns;
                dedicated;
            }
            family inet;
        }
        unit 2 {
            dial-options {
                l2tp-interface-id lns;
                dedicated;
            }
            family inet;
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address x.x.x.x;
            }
        }
    }

ccess {
    profile lns_tunnel {
        authentication-order password;
        client QSC_DLR2 {
            l2tp {
                interface-id lns;
                ppp-authentication chap;
                shared-secret "xxx"; ## SECRET-DATA
                ppp-profile lns_user;
            }
        }
    }
    profile lns_user {
        client "gelbhardt at dsl.dlrz.net" {
# hier kann ich mich nicht entscheiden
            chap-secret "xx"; ## SECRET-DATA
            pap-password "xx"; ## SECRET-DATA
            ppp {
                idle-timeout 0;
                primary-dns x.x.x.x;
                framed-ip-address x.x.x.x;
            }
        }
    }
}
services {
    l2tp {
        tunnel-group lns {
            l2tp-access-profile lns_tunnel;
            ppp-access-profile lns_user;
            local-gateway {
                address x.x.x.x; # <- lo0 Adresse
            }
            service-interface sp-1/2/0;
        }
    }
}

More information about the juniper-nsp mailing list