10-25-2007 07:55 AM - edited 03-05-2019 07:19 PM
Hello,
maybe someone of you can help me. I'm looking for a way to bridge traffic between two sides. The 'remote' side has to use pppoe to connect to the 'central' side. And at the central side I want to bind/bridge the remote side into a vlan. To figure out a way to achieve this I've set up a small test szenario. The configuration of the remote side is:
vpdn enable
!
bridge irb
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet0/1.1
encapsulation dot1Q 1 native
bridge-group 1
!
interface Dialer1
ip address negotiated
ip mtu 1456
encapsulation ppp
no ip route-cache cef
no ip route-cache
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username benutzer password 0 passwort
bridge-group 1
!
interface BVI1
ip address 10.37.1.123 255.255.255.0
!
bridge 1 protocol ieee
bridge 1 route ip
!
and the configuration o the central side is:
aaa new-model
!
!
aaa authentication login default line
aaa authentication enable default enable
aaa authentication ppp default group radius
aaa authorization network default group radius
aaa accounting delay-start
aaa accounting update periodic 60
aaa accounting network default start-stop group radius
!
aaa session-id common
!
vpdn enable
!
bridge irb
!
bba-group pppoe PPPoE
virtual-template 1
sessions per-mac limit 1
!
interface FastEthernet0/0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
!
interface FastEthernet0/1
no ip address
ip route-cache flow
duplex auto
speed auto
pppoe enable group PPPoE
!
interface Virtual-Template1
no ip address
no ip redirects
ip mtu 1492
ip route-cache flow
ip tcp adjust-mss 1408
ppp authentication pap
bridge-group 1
!
interface BVI1
ip address 10.37.1.1 255.255.255.0
!
radius-server attribute nas-port format d
radius-server host 10.37.128.166 auth-port 1812 acct-port 1813 key accom
radius-server source-ports extended
!
control-plane
!
bridge 1 priority 1024
bridge 1 protocol ieee
!
At the central side I can see the MAC address of the remote side
central#sh bridge v
Total of 300 station blocks, 299 free
Codes: P - permanent, S - self
BG Hash Address Action Interface VC Age RX count TX count 1 E0/0 001b.b5ad.9575 forward Vi3 - 0 5 0
Flood ports (BG 1) RX count TX count
FastEthernet0/0.1 0 0
Virtual-Access3 0 0
central#
But I can't put any traffic (ping for example) over the bridged-pppoe-link.
I would be glad if someone of you could give me a hint.
thanks in advance and kind regards
Mark
10-25-2007 10:44 PM
I wish I had a test system to try this out on before I respond, but I don't so try moving the pppoe commands off the physical FastEthernet interfaces to the FastEthernet sub-interfaces.
Brian ": )
10-26-2007 01:30 AM
Hi Brian,
thanks for your reply. I'm some kind of confused by your suggestion, because the FastEthernet interfaces doing the pppoe (remote fa0/0, central fa0/1) on both sides have no subinterfaces. Did I missed something?
regards
Mark
10-26-2007 06:06 AM
No, sorry I missed that. Do you have a username and password configured on the central router for benutzer?
": )
10-26-2007 10:20 AM
Yes, I have a username and password configured and the login as it is works fine. By the way, I use a RADIUS server, in that way I can pass additional configuration statements like cisco-avpair="lcp:interface-config=
Meanwhile I followed a different approach to solve my problem. I try to use a GRE tunnel and bridge traffic trough/over it.
regards
Mark
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: