cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2091
Views
0
Helpful
7
Replies

PPPoE And 2811 Router - Bridged mode

mattiep00
Level 1
Level 1

Hi, I am trying to get a cellular router working in bridged mode so I can set up a VPN tunnel from a Cisco router. I am not able to get the PPPoE connection established and was hoping someone could help. My config is: Internet-->Cellular780seu-->(FA0/0)2821(FA0/1)

!

vpdn enable

!

interface FastEthernet0/0

no ip address

no ip mroute-cache

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

no cdp enable

!

interface FastEthernet0/1

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface Dialer1

description Logical ADSL Interface

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1452

no ip mroute-cache

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap

ppp ipcp route default

!

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

!

ip http server

no ip http secure-server

ip nat inside source list 10 interface Dialer1 overload

!

access-list 10 permit 192.168.1.0 0.0.0.255

dialer-list 1 protocol ip permit

no cdp run

!

This connection does not require a username & password, and works when I set up a miniport dial using WinXP. Can someone please assist?

Thanks!

7 Replies 7

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Mattie,

>> This connection does not require a username & password

then remove ppp authentication pap

inside dialer interface config

you can use debug ppp neg and debug ppp auth to see what happens

Hope to help

Giuseppe

Thanks for the quick response. I have removed the auth, but nothing is happening after shutting/nos hutting the interface. I have the following ints:

FA0/0 unassigned UP UP

FA0/1 192.168.1.1 UP UP

NVI0 unassigned UP UP

Virtual-Access1 UP UP

Virtual-Access2 DOWN DOWN

DAILER1 unassigned UP UP

Debugs are not showing anything. I have tried pinging from the 192.168.1.1 interface to google's IP address with no activity...

Hello Matt,

now we need to understand when the PPPoE session fails:

use

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t2/feature/guide/ftpppoec_support_TSD_Island_of_Content_Chapter.html#wp1051946

use

show pppoe session

debug pppoe {data | errors | events | packets}

note: depending on IOS release config of PPPoE release requires or doesn't require the vpdn configuration.

If you need vpdn :

vpdn enable

vpdn-group 1

request-dialin

protocol pppoe

!

after release 12.2(13)T config changes

Hope to help

Giuseppe

here is the debug - no auth error it looks like...

Ok, getting a bit closer. When i now do a debug ppp negotiation i get the attached. Interfaces go up, then come back down. Any ideas?

Hello Matt,

I see that you still have some authentication issue:

in the first log file I see:

*Aug 25 22:38:40.355: Vi2 PPP: No authorization without authentication

*Aug 25 22:38:40.355: Vi2 PPP: Phase is AUTHENTICATING, by the peer

*Aug 25 22:38:40.363: Vi2 CHAP: I CHALLENGE id 1 len 35 from "UMTS_CHAP_SRVR"

*Aug 25 22:38:40.363: Vi2 CHAP: Unable to authenticate for peer

*Aug 25 22:38:40.363: Vi2 PPP: Sending Acct Event[Down] id[4A]

*Aug 25 22:38:40.363: Vi2 PPP: Phase is TERMINATING

your router is receveing a CHAP challenge from the PPP peer UMTS_CHAP_SRVR

in the second log file I see a change: now there is a mismatch on the authentication protocol between CHAP :

Aug 26 04:03:49.106: Vi2 LCP: AuthProto CHAP (0x0305C22305)

and MS-CHAP (that is different)

it looks like your router is proposing MS-CHAP and the peer rejects it

Try to use CHAP on your router.

*Aug 26 04:03:49.142: Vi2 LCP: O CONFREQ [ACKsent] id 5 len 15

*Aug 26 04:03:49.142: Vi2 LCP: AuthProto MS-CHAP (0x0305C22380)

*Aug 26 04:03:49.142: Vi2 LCP: MagicNumber 0x1CB58CB2 (0x05061CB58CB2)

*Aug 26 04:03:49.158: Vi2 LCP: I CONFREJ [ACKsent] id 5 len 9

*Aug 26 04:03:49.158: Vi2 LCP: AuthProto MS-CHAP (0x0305C22380)

Your router sends a Config request with auth proto = MS-CHAP the other side answers with a config reject for this protocol.

Try to use CHAP on the router instead of MS-CHAP.

Hope to help

Giuseppe

Yep, that was the issue - Ive attached the relevant bits here:

ppp authentication pap callin

ppp chap hostname me@me.com.au

ppp chap password xxx

ppp chap refuse

ppp ms-chap refuse

ppp ms-chap-v2 refuse

ppp pap sent-username me@me.com.au password xxx

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: