All, We have a DSL circuit here terminated on an 1801 with IOS 15.1(XB). It's having trouble authenticating through to our ISP's LNS:
Jan 25 22:14:42.653: Vi2 PPP: Phase is AUTHENTICATING, by both Jan 25 22:14:42.653: Vi2 CHAP: O CHALLENGE id 1 len 36 from "test-php...@a.1" Jan 25 22:14:42.653: Vi2 LCP: State is Open Jan 25 22:14:42.681: Vi2 CHAP: I CHALLENGE id 1 len 29 from "sov.lac0" Jan 25 22:14:42.681: Vi2 PPP: Sent CHAP SENDAUTH Request Jan 25 22:14:42.681: Vi2 PPP: Received SENDAUTH Response FAIL Jan 25 22:14:42.681: Vi2 CHAP: Using hostname from interface CHAP Jan 25 22:14:42.681: Vi2 CHAP: Using password from interface CHAP Jan 25 22:14:42.681: Vi2 CHAP: O RESPONSE id 1 len 36 from "test-php...@a.1" Jan 25 22:14:44.021: Vi2 LCP: I CONFREQ [Open] id 0 len 15 Jan 25 22:14:44.021: Vi2 LCP: MagicNumber 0x71F64BD1 (0x050671F64BD1) Jan 25 22:14:44.021: Vi2 LCP: AuthProto CHAP (0x0305C22305) Jan 25 22:14:44.025: Vi2 PPP DISC: PPP Renegotiating Jan 25 22:14:44.025: Vi2 LCP: Event[LCP Reneg] State[Open to Open] Jan 25 22:14:44.025: Vi2 LCP: Event[DOWN] State[Open to Starting] ... Jan 25 22:14:44.061: Vi2 PPP: Phase is AUTHENTICATING, by both Jan 25 22:14:44.061: Vi2 CHAP: O CHALLENGE id 1 len 36 from "test-php...@a.1" Jan 25 22:14:44.061: Vi2 CHAP: Redirect packet to Vi2 Jan 25 22:14:44.061: Vi2 CHAP: I CHALLENGE id 1 len 30 from "doubtless" Jan 25 22:14:44.061: Vi2 CHAP: Ignoring spoofed Challenge Jan 25 22:14:44.061: Vi2 LCP: State is Open Jan 25 22:14:46.021: Vi2 CHAP: I CHALLENGE id 1 len 30 from "doubtless" Jan 25 22:14:46.021: Vi2 CHAP: Ignoring spoofed Challenge Jan 25 22:14:48.021: Vi2 CHAP: I CHALLENGE id 1 len 30 from "doubtless" Jan 25 22:14:48.021: Vi2 CHAP: Ignoring spoofed Challenge Jan 25 22:14:50.021: Vi2 CHAP: I CHALLENGE id 1 len 30 from "doubtless" Jan 25 22:14:50.021: Vi2 CHAP: Ignoring spoofed Challenge Jan 25 22:14:52.021: Vi2 CHAP: I CHALLENGE id 1 len 30 from "doubtless" Jan 25 22:14:52.021: Vi2 CHAP: Ignoring spoofed Challenge Here, sov.lac0 is the DSL provider's LAC, and 'doubtless' is the ISP's LNS - which restarts LCP when it receives a new L2TP session from the LAC. The 1801 here is unhappy at receiving a CHAP challenge from a different hostname, and thus refuses to authenticate. The Dialer interface has 'ppp authentication chap callin' set, and I've tried 'ppp direction dedicated', but it doesn't help. Can any shed some light on this and/or suggest a workaround either on our end or the ISP's end? Regards, Peter _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/