08-25-2008 12:51 AM - edited 03-03-2019 11:15 PM
Hi, I am trying to get a cellular router working in bridged mode so I can set up a VPN tunnel from a Cisco router. I am not able to get the PPPoE connection established and was hoping someone could help. My config is: Internet-->Cellular780seu-->(FA0/0)2821(FA0/1)
!
vpdn enable
!
interface FastEthernet0/0
no ip address
no ip mroute-cache
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface Dialer1
description Logical ADSL Interface
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap
ppp ipcp route default
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
!
ip http server
no ip http secure-server
ip nat inside source list 10 interface Dialer1 overload
!
access-list 10 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
This connection does not require a username & password, and works when I set up a miniport dial using WinXP. Can someone please assist?
Thanks!
08-25-2008 01:18 AM
Hello Mattie,
>> This connection does not require a username & password
then remove ppp authentication pap
inside dialer interface config
you can use debug ppp neg and debug ppp auth to see what happens
Hope to help
Giuseppe
08-25-2008 01:51 AM
Thanks for the quick response. I have removed the auth, but nothing is happening after shutting/nos hutting the interface. I have the following ints:
FA0/0 unassigned UP UP
FA0/1 192.168.1.1 UP UP
NVI0 unassigned UP UP
Virtual-Access1 UP UP
Virtual-Access2 DOWN DOWN
DAILER1 unassigned UP UP
Debugs are not showing anything. I have tried pinging from the 192.168.1.1 interface to google's IP address with no activity...
08-25-2008 04:19 AM
Hello Matt,
now we need to understand when the PPPoE session fails:
use
use
show pppoe session
debug pppoe {data | errors | events | packets}
note: depending on IOS release config of PPPoE release requires or doesn't require the vpdn configuration.
If you need vpdn :
vpdn enable
vpdn-group 1
request-dialin
protocol pppoe
!
after release 12.2(13)T config changes
Hope to help
Giuseppe
08-25-2008 02:40 PM
08-25-2008 08:34 PM
08-25-2008 10:29 PM
Hello Matt,
I see that you still have some authentication issue:
in the first log file I see:
*Aug 25 22:38:40.355: Vi2 PPP: No authorization without authentication
*Aug 25 22:38:40.355: Vi2 PPP: Phase is AUTHENTICATING, by the peer
*Aug 25 22:38:40.363: Vi2 CHAP: I CHALLENGE id 1 len 35 from "UMTS_CHAP_SRVR"
*Aug 25 22:38:40.363: Vi2 CHAP: Unable to authenticate for peer
*Aug 25 22:38:40.363: Vi2 PPP: Sending Acct Event[Down] id[4A]
*Aug 25 22:38:40.363: Vi2 PPP: Phase is TERMINATING
your router is receveing a CHAP challenge from the PPP peer UMTS_CHAP_SRVR
in the second log file I see a change: now there is a mismatch on the authentication protocol between CHAP :
Aug 26 04:03:49.106: Vi2 LCP: AuthProto CHAP (0x0305C22305)
and MS-CHAP (that is different)
it looks like your router is proposing MS-CHAP and the peer rejects it
Try to use CHAP on your router.
*Aug 26 04:03:49.142: Vi2 LCP: O CONFREQ [ACKsent] id 5 len 15
*Aug 26 04:03:49.142: Vi2 LCP: AuthProto MS-CHAP (0x0305C22380)
*Aug 26 04:03:49.142: Vi2 LCP: MagicNumber 0x1CB58CB2 (0x05061CB58CB2)
*Aug 26 04:03:49.158: Vi2 LCP: I CONFREJ [ACKsent] id 5 len 9
*Aug 26 04:03:49.158: Vi2 LCP: AuthProto MS-CHAP (0x0305C22380)
Your router sends a Config request with auth proto = MS-CHAP the other side answers with a config reject for this protocol.
Try to use CHAP on the router instead of MS-CHAP.
Hope to help
Giuseppe
08-25-2008 10:51 PM
Yep, that was the issue - Ive attached the relevant bits here:
ppp authentication pap callin
ppp chap hostname me@me.com.au
ppp chap password xxx
ppp chap refuse
ppp ms-chap refuse
ppp ms-chap-v2 refuse
ppp pap sent-username me@me.com.au password xxx
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: