Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Cisco: BBA

Fw: l2tp problem

 

 

Cisco bba RSS feed   Index | Next | Previous | View Threaded


zxd at chinahcn

Jan 8, 2007, 5:30 PM

Post #1 of 2 (1842 views)
Permalink
Fw: l2tp problem

hello!


i have a l2tp problem about juniper erx and cisco 7401.


radius
|
|
pppoe client----LAC(erx)----LNS(cisco7401)

only CISCO7401 configure command terminate-from hostname LAC,the tunnel created。
if have multi lac to LNSthis is a problem.scalability is very bad。

ERX use default configuration.no any specific configuration.

CISCO configuration example

vpdn-group zju.com!ZJ
accept-dialin
protocol l2tp
virtual-template 2
lcp renegotiation always
no l2tp tunnel authentication
l2tp tunnel password 0 cisco
ip precedence immediate

the configuration result in the tunnelcan't created.if use
vpdn-group zju.com!ZJ
accept-dialin
protocol l2tp
virtual-template 2
terminate-from hostname HZCNC-100-BRAS-01
lcp renegotiation always
no l2tp tunnel authentication
l2tp tunnel password 0 cisco
ip precedence immediate

the tunnel can created.

debug information

ERX

DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (): Authenticate configuration data: tag
= 0, type = 1, transport = ipUdp, routerId = Router 0x80000001, address =
58.100.228.66, tName = default, tSecret = , tLocalHostName = HZCNC-100-BRAS-01,
tPeerHostName = HZCNC-88-BRAS-02, tLocalAddress = 58.100.228.16
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Update IP transport config:
local address = 58.100.228.16, remote address = 58.100.228.66
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type = message,
length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
protocolVersion, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
hostName, length = 23, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
framingCapabilities, length = 10, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
assignedTunnelId, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
receiveWindowSize, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
firmwareRevision, length = 8, flags = ~M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
vendorName, length = 28, flags = ~M ~H
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Changing mibState from
idle to connecting
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (15000024,*): Changing effective
adminState from disabled to enabled
INFO 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Processing incoming
in-sequence sccrp from vr default, remote address 58.100.228.66 -
controlHeader.Ns = 0
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type = message,
length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
protocolVersion, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
firmwareRevision, length = 8, flags = ~M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
hostName, length = 22, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
vendorName, length = 25, flags = ~M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
receiveWindowSize, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
challenge, length = 22, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
assignedTunnelId, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
framingCapabilities, length = 10, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
bearerCapabilities, length = 10, flags = M ~H
ERROR 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Configuration error
processing incoming sccrp from vr default, remote address 58.100.228.66 -
challenge with no local secret
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type = message,
length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
assignedTunnelId, length = 8, flags = M ~H
DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type =
resultCode, length = 34, flags = M ~H
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (): No more configuration records
NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Changing mibState from
connecting to disconnecting

CISCO:

an 9 00:31:51: Tnl 51399 L2TP: Control channel retransmit delay set to 1 seconds
*Jan 9 00:31:51: Tnl 51399 L2TP: Tunnel state change from idle to wait-ctl-reply
*Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
*Jan 9 00:31:51: Tnl 51399 L2TP: Parse StopCCN
*Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 9, len 8, flag 0x8000 (M)
*Jan 9 00:31:51: Tnl 51399 L2TP: Assigned Tunnel ID 35
*Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 1, len 34, flag 0x8000 (M)
*Jan 9 00:31:51: L2X: Result code(2): 2: General error - refer to error code
*Jan 9 00:31:51: Error code(6): Vendor specific
*Jan 9 00:31:51: Optional msg: challenge with no secret
*Jan 9 00:31:51: Tnl 51399 L2TP: No missing AVPs in StopCCN
*Jan 9 00:31:51: Tnl 51399 L2TP: I StopCCN, flg TLS, ver 2, len 62, tnl 51399, ns 1, nr 1
contiguous pak, size 62
C8 02 00 3E C8 C7 00 00 00 01 00 01 80 08 00 00
00 00 00 04 80 08 00 00 00 09 00 23 80 22 00 00
00 01 00 02 00 06 63 68 61 6C 6C 65 6E 67 65 20
77 69 74 68 20 6E 6F 20 73 65 63 72 65 74
*Jan 9 00:31:51: Tnl 51399 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 35, ns 1, nr 2

problem
if have multi lac to LNSthis is a problem.scalability is very bad。 I have multi ERX AS LAC,how do?



CAN any body help me ?












            
              








= = = = = = = = = = = = = = = = = = = =
        崑

zxd
zxd [at] chinahcn
2007-01-09
              


oboehmer at cisco

Jan 8, 2007, 11:19 PM

Post #2 of 2 (1731 views)
Permalink
Re: Fw: l2tp problem [In reply to]

Hi,

I can't tell why the ERX doesn't build a tunnel when you use a "Default VPDN Group" (i.e. without any "terminate-from hostname" statement in it). But if it works with a hostname, and you need to use more than one LAC, try configuring a generic name (like "ERX-LAC" or something like this) as local name on the ERX (using the "client-name" command) and reference the same name on the LNS' "terminate-from hostname")..

oli

cisco-bba-bounces [at] puck <> wrote on Tuesday, January 09, 2007 2:31 AM:

> hello!
>
>
> i have a l2tp problem about juniper erx and cisco 7401.
>
>
> radius
> |
> |
> pppoe client----LAC(erx)----LNS(cisco7401)
>
> only CISCO7401 configure command terminate-from
> hostname LAC,the tunnel created$B!#(J
> if have multi lac to LNS$B!)(Jthis is a problem.scalability
> is very bad$B!#(J
>
> ERX use default configuration.no any specific configuration.
>
> CISCO configuration example
>
> vpdn-group zju.com!ZJ
> accept-dialin
> protocol l2tp
> virtual-template 2
> lcp renegotiation always
> no l2tp tunnel authentication
> l2tp tunnel password 0 cisco
> ip precedence immediate
>
> the configuration result in the tunnelcan't created.if use
> vpdn-group zju.com!ZJ accept-dialin
> protocol l2tp
> virtual-template 2
> terminate-from hostname HZCNC-100-BRAS-01
> lcp renegotiation always
> no l2tp tunnel authentication
> l2tp tunnel password 0 cisco
> ip precedence immediate
>
> the tunnel can created.
>
> debug information
>
> ERX
>
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (): Authenticate configuration
> data: tag = 0, type = 1, transport = ipUdp, routerId = Router
> 0x80000001, address =
> 58.100.228.66, tName = default, tSecret = ,
> tLocalHostName = HZCNC-100-BRAS-01,
> tPeerHostName = HZCNC-88-BRAS-02, tLocalAddress = 58.100.228.16
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Update IP transport config:
> local address = 58.100.228.16, remote address = 58.100.228.66
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = message, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = protocolVersion, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = hostName, length = 23, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = framingCapabilities, length = 10, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = assignedTunnelId, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = receiveWindowSize, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = firmwareRevision, length = 8, flags = ~M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = vendorName, length = 28, flags = ~M ~H
> NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Changing mibState from
> idle to connecting
> NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (15000024,*):
> Changing effective
> adminState from disabled to enabled
> INFO 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Processing incoming
> in-sequence sccrp from vr default, remote address
> 58.100.228.66 -
> controlHeader.Ns = 0
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = message, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = protocolVersion, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = firmwareRevision, length = 8, flags = ~M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = hostName, length = 22, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = vendorName, length = 25, flags = ~M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = receiveWindowSize, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = challenge, length = 22, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = assignedTunnelId, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = framingCapabilities, length = 10, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = bearerCapabilities, length = 10, flags = M ~H
> ERROR 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): Configuration
> error processing incoming sccrp from vr default, remote
> address 58.100.228.66 -
> challenge with no local secret
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = message, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = assignedTunnelId, length = 8, flags = M ~H
> DEBUG 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*): AVP Header: type
> = resultCode, length = 34, flags = M ~H
> NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (): No more configuration
> records NOTICE 01/09/2007 00:46:02 [l2tp] l2tp (1400000A,*):
> Changing mibState from
> connecting to disconnecting
>
> CISCO:
>
> an 9 00:31:51: Tnl 51399 L2TP: Control channel
> retransmit delay set to 1 seconds
> *Jan 9 00:31:51: Tnl 51399 L2TP: Tunnel state change
> from idle to wait-ctl-reply
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 0, len 8,
> flag 0x8000 (M)
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse StopCCN
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 9, len 8,
> flag 0x8000 (M)
> *Jan 9 00:31:51: Tnl 51399 L2TP: Assigned Tunnel ID 35
> *Jan 9 00:31:51: Tnl 51399 L2TP: Parse AVP 1, len 34, flag 0x8000
> (M)
> *Jan 9 00:31:51: L2X: Result code(2): 2: General error - refer to
> error code
> *Jan 9 00:31:51: Error code(6): Vendor specific
> *Jan 9 00:31:51: Optional msg: challenge with no secret
> *Jan 9 00:31:51: Tnl 51399 L2TP: No missing AVPs in StopCCN
> *Jan 9 00:31:51: Tnl 51399 L2TP: I StopCCN, flg TLS,
> ver 2, len 62, tnl 51399, ns 1, nr 1
> contiguous pak, size 62
> C8 02 00 3E C8 C7 00 00 00 01 00 01 80 08 00 00
> 00 00 00 04 80 08 00 00 00 09 00 23 80 22 00 00
> 00 01 00 02 00 06 63 68 61 6C 6C 65 6E 67 65 20
> 77 69 74 68 20 6E 6F 20 73 65 63 72 65 74
> *Jan 9 00:31:51: Tnl 51399 L2TP: O ZLB ctrl ack, flg
> TLS, ver 2, len 12, tnl 35, ns 1, nr 2
>
> problem
> if have multi lac to LNS$B!)(Jthis is a problem.scalability
> is very bad$B!#(J I have multi ERX AS LAC,how do?
>
>
>
> CAN any body help me ?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> = = = = = = = = = = = = = = = = = = = =
> $B!!!!!!!!!!!!!!!!CW(J
> $BNi!*(J
> zxd
> zxd [at] chinahcn
> 2007-01-09

Cisco bba RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.