I brought the tunnel up.

r1-------r2(LNS) -----internet--------r3 (LAC)-----------r4
I have added the configuration along with the description

r1 (PPPoE client)
=============

*Configuring r1's g0/1 for PPPoE client*

interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 pppoe enable group global
 pppoe-client dial-pool-number 1

dialer-list 1 protocol ip permit

interface Dialer0
 ip address 10.20.30.41 255.255.255.0
 ip mtu 1452
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp chap hostname [email protected] *(sends the username with domain name "cisco.com")*
 ppp chap password 0 cisco

r2 (LAC)
======

username lac password 0 cisco *(for LAC and LNS mutual authentication)*
username lan password 0 cisco *(for LAC and LNS mutual authentication)*
username [email protected] password 0 cisco *(for r1 PPPoE client authentication)*

vpdn enable

*vpdn group that terminates the PPPoE*

vpdn-group 1
 ! Default L2TP VPDN group
 ! Default PPTP VPDN group
 accept-dialin
  protocol any
  virtual-template 1

*vpdn group that initiates l2tp to LNS*

vpdn-group 2
 request-dialin
  protocol l2tp
  domain cisco.com
 initiate-to ip 30.10.20.43
 local name LAC

interface GigabitEthernet0/1
 ip address 10.20.30.42 255.255.255.0

interface GigabitEthernet0/0
 ip address 30.10.30.42 255.255.255.0

*virtual template associated to vpdn group that terminates the PPPoE*

interface Virtual-Template1
 ip unnumbered GigabitEthernet0/1
 ppp authentication chap

r3 (LNS)
======

vpdn enable

*vpdn group that terminates the l2tp*

vpdn-group 1
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname LAC
 local name LNS

username lac password 0 cisco *(for LAC and LNS mutual authentication)*
username lan password 0 cisco *(for LAC and LNS mutual authentication)*
username [email protected] password 0 cisco *(for r1 PPPoE client authentication)*

interface FastEthernet0/0
 ip address 30.10.20.43 255.255.255.0

*virtual template associated to vpdn group that terminates the l2tp*

interface Virtual-Template1
 ip unnumbered FastEthernet0/0
 no peer default ip address
 ppp authentication chap

*Working*

1. R1 client sends PPPoE packets to R2 LAC.
2. R2 gets the PPPoE packet and searches with domain name to see if it's an l2tp user. If it matches the l2tp vpdn group, the l2tp tunnel is built to r3 (lns), else the packet is sent to the internet.
3. R2 strips the ethernet header and trailer and encapsulates in l2tp using udp port 1701.
4. R3 (LNS) receives the ppp packet and routes it to its local LAN.
5. When R3 gets a response from the local, it uses the route installed using the virtual-access interface to route back to the LAC.

With regards
Kings

On Fri, Sep 10, 2010 at 10:08 PM, Yogesh Gawankar <[email protected]> wrote:

> I saw one post on this on some forum. The guy was trying to do the exact
> same thing but there was no solution kings :)
>
> Thanks and regards
>
> Yogesh Gawankar
>
>
> --- On *Sat, 9/11/10, Vybhav Ramachandran <[email protected]>* wrote:
>
>
> From: Vybhav Ramachandran <[email protected]>
> Subject: Re: [OSL | CCIE_Security] l2tp clarifcation
> To: "Kingsley Charles" <[email protected]>
> Cc: [email protected]
> Date: Saturday, September 11, 2010, 2:36 AM
>
>
> Hello Kings,
>
> I think using the "usern...@domain" will indicate to the LAC that the user
> needs an L2TP tunnel to the LNS which can be figured out using the "domain"
> part of the CHAP username that the LAC retrieved from the client.
>
> Regarding the configuration, sorry, but I'm not sure. I've never
> configured L2TP before :) But kudos to you for trying it out :)
>
> Cheers,
> TacACK
>
> -----Inline Attachment Follows-----
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
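Steps 2 and 3 of the "Working" list above, as an added Python example that is not part of the original thread: the LAC picks the LNS from the domain part of the CHAP username, then strips the Ethernet and PPPoE framing and wraps the PPP frame in an L2TPv2 data header (RFC 2661, no optional fields). The function names, the username `client1@cisco.com`, the MAC addresses and the tunnel/session IDs are constructed for illustration.

```python
import struct

# Mirrors r2's "vpdn-group 2": request-dialin domain -> initiate-to address.
VPDN_DOMAINS = {"cisco.com": "30.10.20.43"}
L2TP_PORT = 1701           # UDP port the LAC sends L2TP to
ETH_HDR_LEN = 14           # dst MAC, src MAC, EtherType
PPPOE_SESSION = 0x8864     # EtherType of PPPoE session-stage frames
L2TP_DATA_V2 = 0x0002      # T=0 (data message), L=S=O=P=0, version 2


def select_lns(chap_username, domains=VPDN_DOMAINS):
    """Step 2: return (LNS address, UDP port) for the username's domain, or None."""
    _, sep, domain = chap_username.rpartition("@")
    lns = domains.get(domain) if sep else None
    return (lns, L2TP_PORT) if lns else None


def pppoe_to_l2tp(frame, tunnel_id, session_id):
    """Step 3: strip Ethernet/PPPoE framing and wrap the PPP frame in L2TP."""
    if len(frame) < ETH_HDR_LEN + 6:
        raise ValueError("truncated frame")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != PPPOE_SESSION:
        raise ValueError("not a PPPoE session frame")
    ver_type, code, _sid, length = struct.unpack_from("!BBHH", frame, ETH_HDR_LEN)
    if ver_type != 0x11 or code != 0x00:
        raise ValueError("unexpected PPPoE header")
    start = ETH_HDR_LEN + 6
    if len(frame) < start + length:
        raise ValueError("PPPoE length exceeds frame")
    ppp = frame[start:start + length]   # length field excludes padding/trailer
    return struct.pack("!HHH", L2TP_DATA_V2, tunnel_id, session_id) + ppp


def build_sample_frame():
    """Constructed PPPoE session frame carrying an LCP Echo-Request."""
    # PPP protocol 0xc021 (LCP), code 9, id 1, length 8, magic number
    ppp = bytes.fromhex("c021" "0901" "0008" "deadbeef")
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", PPPOE_SESSION)
    pppoe = struct.pack("!BBHH", 0x11, 0x00, 0x0001, len(ppp))
    return eth + pppoe + ppp + b"\x00" * 30, ppp   # 30 bytes of Ethernet padding


if __name__ == "__main__":
    frame, _ = build_sample_frame()
    print(select_lns("client1@cisco.com"), pppoe_to_l2tp(frame, 7, 9).hex())
```

The PPP payload, including the CHAP exchange, travels inside the L2TP data message unchanged; L2TP itself adds no encryption to it.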
