PPPoE And 2811 Router - Bridged mode

Unanswered Question
Aug 25th, 2008

Hi, I am trying to get a cellular router working in bridged mode so I can set up a VPN tunnel from a Cisco router. I am not able to get the PPPoE connection established and was hoping someone could help. My config is: Internet-->Cellular780seu-->(FA0/0)2821(FA0/1)

!

vpdn enable

!

interface FastEthernet0/0

no ip address

no ip mroute-cache

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

no cdp enable

!

interface FastEthernet0/1

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface Dialer1

description Logical ADSL Interface

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1452

no ip mroute-cache

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap

ppp ipcp route default

!

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

!

ip http server

no ip http secure-server

ip nat inside source list 10 interface Dialer1 overload

!

access-list 10 permit 192.168.1.0 0.0.0.255

dialer-list 1 protocol ip permit

no cdp run

!

This connection does not require a username & password, and works when I set up a miniport dial using WinXP. Can someone please assist?

Thanks!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Mon, 08/25/2008 - 01:18

Hello Mattie,

>> This connection does not require a username & password

then remove ppp authentication pap

inside dialer interface config

you can use debug ppp neg and debug ppp auth to see what happens

Hope to help

Giuseppe

mattiep00 Mon, 08/25/2008 - 01:51

Thanks for the quick response. I have removed the auth, but nothing is happening after shutting/nos hutting the interface. I have the following ints:

FA0/0 unassigned UP UP

FA0/1 192.168.1.1 UP UP

NVI0 unassigned UP UP

Virtual-Access1 UP UP

Virtual-Access2 DOWN DOWN

DAILER1 unassigned UP UP

Debugs are not showing anything. I have tried pinging from the 192.168.1.1 interface to google's IP address with no activity...

Giuseppe Larosa Mon, 08/25/2008 - 04:19

Hello Matt,

now we need to understand when the PPPoE session fails:

use

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t2/feature/guide/ftpppoec_support_TSD_Island_of_Content_Chapter.html#wp1051946

use

show pppoe session

debug pppoe {data | errors | events | packets}

note: depending on IOS release config of PPPoE release requires or doesn't require the vpdn configuration.

If you need vpdn :

vpdn enable

vpdn-group 1

request-dialin

protocol pppoe

!

after release 12.2(13)T config changes

Hope to help

Giuseppe

mattiep00 Mon, 08/25/2008 - 14:40

here is the debug - no auth error it looks like...

Attachment: 
mattiep00 Mon, 08/25/2008 - 20:34

Ok, getting a bit closer. When i now do a debug ppp negotiation i get the attached. Interfaces go up, then come back down. Any ideas?

Attachment: 
Giuseppe Larosa Mon, 08/25/2008 - 22:29

Hello Matt,

I see that you still have some authentication issue:

in the first log file I see:

*Aug 25 22:38:40.355: Vi2 PPP: No authorization without authentication

*Aug 25 22:38:40.355: Vi2 PPP: Phase is AUTHENTICATING, by the peer

*Aug 25 22:38:40.363: Vi2 CHAP: I CHALLENGE id 1 len 35 from "UMTS_CHAP_SRVR"

*Aug 25 22:38:40.363: Vi2 CHAP: Unable to authenticate for peer

*Aug 25 22:38:40.363: Vi2 PPP: Sending Acct Event[Down] id[4A]

*Aug 25 22:38:40.363: Vi2 PPP: Phase is TERMINATING

your router is receveing a CHAP challenge from the PPP peer UMTS_CHAP_SRVR

in the second log file I see a change: now there is a mismatch on the authentication protocol between CHAP :

Aug 26 04:03:49.106: Vi2 LCP: AuthProto CHAP (0x0305C22305)

and MS-CHAP (that is different)

it looks like your router is proposing MS-CHAP and the peer rejects it

Try to use CHAP on your router.

*Aug 26 04:03:49.142: Vi2 LCP: O CONFREQ [ACKsent] id 5 len 15

*Aug 26 04:03:49.142: Vi2 LCP: AuthProto MS-CHAP (0x0305C22380)

*Aug 26 04:03:49.142: Vi2 LCP: MagicNumber 0x1CB58CB2 (0x05061CB58CB2)

*Aug 26 04:03:49.158: Vi2 LCP: I CONFREJ [ACKsent] id 5 len 9

*Aug 26 04:03:49.158: Vi2 LCP: AuthProto MS-CHAP (0x0305C22380)

Your router sends a Config request with auth proto = MS-CHAP the other side answers with a config reject for this protocol.

Try to use CHAP on the router instead of MS-CHAP.

Hope to help

Giuseppe

mattiep00 Mon, 08/25/2008 - 22:51

Yep, that was the issue - Ive attached the relevant bits here:

ppp authentication pap callin

ppp chap hostname me@me.com.au

ppp chap password xxx

ppp chap refuse

ppp ms-chap refuse

ppp ms-chap-v2 refuse

ppp pap sent-username me@me.com.au password xxx

Actions

Login or Register to take actions

This Discussion

Posted August 25, 2008 at 12:51 AM
Stats:
Replies:7 Overall Rating:
Views:1055 Votes:0
Shares:0
Tags: No tags.
 

Discussions Leaderboard

Rank Username Points
1
Giuseppe Larosa
9,434
2
Paolo Bevilacqua
8,817
3
Richard Burts
8,479
4
Jon Marshall
7,058
5
Peter Paluch
5,486
Rank Username Points
Jon Marshall
197
Peter Paluch
84
Joseph W. Doherty
65
Leo Laohoo
45
Vasilii Mikhail...
40