Hey Oli, 1811(config-vpdn-acc-in)#protocol ? any Use any protocol l2f Use L2F l2tp Use L2TP pptp Use PPTP
doesn't seem to have protocol pppoe. So at the moment I have: ------- username Tunnel-In password 7 x username LAC-Gosford-Test password 7 x vpdn enable vpdn multihop ! vpdn-group forward-as-l2tp request-dialin protocol l2tp initiate-to ip 58.x.x.x local name LAC-Gosford-Test ! vpdn-group pppoe ! Default L2TP VPDN group ! Default PPTP VPDN group accept-dialin protocol any virtual-template 1 local name LAC-Gosford-Test ! interface Virtual-Template1 mtu 1492 no ip address no peer default ip address no keepalive ppp authentication chap pap ------- Can the users use no domain? Or do they have to? I've tried with a domain and it didn't seem to help. 1811 Debug: PPPoE: PPPoE protocol events debugging is on VPN: L2X protocol events debugging is on VPDN call event debugging is on VPDN events debugging is on VPDN errors debugging is on VPDN packet debugging is on L2TP data sequencing debugging is on === Jun 5 07:28:58.147: PPPoE : encap string prepared Jun 5 07:28:58.147: [561]PPPoE 21582: Access IE handle allocated Jun 5 07:28:58.147: [561]PPPoE 21582: pppoe SSS switch updated Jun 5 07:28:58.151: [561]PPPoE 21582: AAA unique ID allocated Jun 5 07:28:58.151: [561]PPPoE 21582: Destroying R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:28:58.151: [561]PPPoE 21582: AAA account stopped Jun 5 07:29:03.147: PPPoE 0: I PADR R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:29:03.147: Service tag: NULL Tag Jun 5 07:29:03.147: PPPoE : encap string prepared Jun 5 07:29:03.147: [562]PPPoE 21583: Access IE handle allocated Jun 5 07:29:03.147: [562]PPPoE 21583: pppoe SSS switch updated Jun 5 07:29:03.147: [562]PPPoE 21583: AAA unique ID allocated Jun 5 07:29:03.147: [562]PPPoE 21583: Destroying R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:29:03.151: [562]PPPoE 21583: AAA account stopped Jun 5 07:29:18.179: PPPoE 0: I PADI R:0017.3101.664e L:ffff.ffff.ffff Fa0 Jun 5 07:29:18.179: Service tag: NULL Tag Jun 5 07:29:18.179: PPPoE 0: O PADO, R:0017.5902.2d34 L:0017.3101.664e Fa0 Jun 5 07:29:18.179: Service tag: NULL Tag Jun 5 07:29:18.179: PPPoE 0: I PADR R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:29:18.179: Service tag: NULL Tag Jun 5 07:29:18.179: PPPoE : encap string prepared Jun 5 07:29:18.179: [563]PPPoE 21584: Access IE handle allocated Jun 5 07:29:18.179: [563]PPPoE 21584: pppoe SSS switch updated Jun 5 07:29:18.179: [563]PPPoE 21584: AAA unique ID allocated Jun 5 07:29:18.179: [563]PPPoE 21584: Destroying R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:29:18.179: [563]PPPoE 21584: AAA account stopped Jun 5 07:29:23.179: PPPoE 0: I PADR R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:29:23.179: Service tag: NULL Tag Jun 5 07:29:23.179: PPPoE : encap string prepared Jun 5 07:29:23.179: [564]PPPoE 21585: Access IE handle allocated Jun 5 07:29:23.179: [564]PPPoE 21585: pppoe SSS switch updated Jun 5 07:29:23.179: [564]PPPoE 21585: AAA unique ID allocated Jun 5 07:29:23.179: [564]PPPoE 21585: Destroying R:0017.3101.664e L:0017.5902.2d34 Fa0 Jun 5 07:29:23.179: [564]PPPoE 21585: AAA account stopped === The 7200 Radius is testing fine, but it isn't seeing the tunnel come up at all. Here is the config. ------- aaa new-model aaa group server radius isp server x auth-port 1812 acct-port 1813 ! aaa authentication login default local aaa authentication ppp isp group isp aaa authorization exec default local group isp aaa authorization network isp group isp aaa accounting delay-start aaa accounting update periodic 30 aaa accounting network default start-stop group isp aaa accounting connection default start-stop group isp aaa accounting system default start-stop group isp username Tunnel-In password 7 1042081B0C03 username LAC-Gosford-Test password 7 03085A090F1B vpdn enable vpdn multihop vpdn aaa attribute nas-port vpdn-nas vpdn logging vpdn logging local vpdn logging tunnel-drop vpdn history failure table-size 50 vpdn session-limit 2048 vpdn search-order domain vpdn domain-delimiter @ suffix vpdn domain-delimiter / prefix ! vpdn-group 1 accept-dialin protocol l2tp virtual-template 1 terminate-from hostname LAC-Gosford-Test local name Tunnel-In lcp renegotiation on-mismatch ! interface Virtual-Template1 mtu 1492 ip unnumbered Loopback0 peer default ip address pool eqpool down-when-looped ppp mtu adaptive ppp authentication chap pap isp ppp authorization isp ppp accounting isp ! ip local pool eqpool x x ! ! radius-server configure-nas radius-server host x auth-port 1812 acct-port 1813 radius-server retransmit 2 radius-server timeout 2 radius-server key 7 x radius-server authorization permit missing Service-Type ------- -----Original Message----- From: Oliver Boehmer (oboehmer) [mailto:[EMAIL PROTECTED] Sent: Tuesday, 29 May 2007 8:17 PM To: [EMAIL PROTECTED]; Cisco-nsp Subject: RE: [c-nsp] PPPoE Relay from 1811 to 7206VXR Skeeve, you need to configure vpdn multihop on the 1811, something like this vpdn enable vpdn multihop vpdn-group pppoe accept-dialin protocol pppoe virtual-template 1 ! vpdn-group forward-as-l2tp request-dialin protocol l2tp domain domain.com initiate-to ip <address-of-the-7200> local name pppoe-relay The trick could be to match the forward-as-l2tp tunnel using the domain, the example above assumes all the users authenticate via [EMAIL PROTECTED] You can also use Radius and return a tunnel profile within the access-request.. Don't think you need the bba-group stuff, but not entirely sure.. oli Skeeve Stevens <> wrote on Monday, May 28, 2007 4:31 PM: > Hi guys, > > I've just spent most of the day trying to get an 1811 relay PPPoE > calls to a central server, and I've failed miserably. > > I have established that the max number of sessions an 1811 can relay > is 300. > > I do need some help from you wonderful people. > > Imagine the 1811(12.4) and 7206(12.2) are configless. Where do I > start from? > > I assume the following: > > 1. 1811 can accept PPPoE calls > 2. 1811 needs to make a l2tp tunnel to the 7206 which is already > configured to accept PPPoE > > > If anyone can assist that would be wonderful. The areas that are new > to me on the 1811 in 12.4 > - No idea how the new bba-group pppoe global works for pppoe dialin > > The basic scenario is about 30 * 1811's out in regional pops > with between 20 and 200 clients on a layer 2 wireless network behind > the 1811. The 1811 remote pops are all connected in an MPLS cloud > which goes back to a central 7206vxr-npe400. The goal is to have the > end user be able to pppoe into the 7200 some how. > > All assistance is welcome. > > .Skeeve > > > > -- > Skeeve Stevens, RHCE > [EMAIL PROTECTED] / www.skeeve.org > Cell +61 (0)414 753 383 / skype://skeeve > > eintellego - [EMAIL PROTECTED] - www.eintellego.net > -- > I'm a groove licked love child king of the verse > Si vis pacem, para bellum > > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
