10-01-2008 05:54 AM
Hi
I have a setup as foll
PPOE client->LAC(Radius)->LNS(Radius)
I face a strange issue only at the PPP authenticating phase.
A snapshot of the debug PPP negotiation is as foll
06:32:40: ppp67 PPP: Phase is ESTABLISHING
06:32:40: ppp67 PPP: Send Message[Dynamic Bind Response]
06:32:40: ppp67 LCP: O CONFREQ [Closed] id 1 len 39
06:32:40: ppp67 LCP: ACCM 0x000A0000 (0x0206000A0000)
06:32:40: ppp67 LCP: AuthProto PAP (0x0304C023)
06:32:40: ppp67 LCP: MagicNumber 0x1ABD01EF (0x05061ABD01EF)
06:32:40: ppp67 LCP: PFC (0x0702)
06:32:40: ppp67 LCP: ACFC (0x0802)
06:32:40: ppp67 LCP: MRRU 1524 (0x110405F4)
06:32:40: ppp67 LCP: EndpointDisc 1 R2A-7200 (0x130B015232412D37323030)
06:32:40: ppp67 LCP: I CONFREQ [REQsent] id 5 len 20
06:32:40: ppp67 LCP: ACCM 0x00000000 (0x020600000000)
06:32:40: ppp67 LCP: MagicNumber 0x6A722D66 (0x05066A722D66)
06:32:40: ppp67 LCP: PFC (0x0702)
06:32:40: ppp67 LCP: ACFC (0x0802)
06:32:40: ppp67 LCP: O CONFACK [REQsent] id 5 len 20
06:32:40: ppp67 LCP: ACCM 0x00000000 (0x020600000000)
06:32:40: ppp67 LCP: MagicNumber 0x6A722D66 (0x05066A722D66)
06:32:40: ppp67 LCP: PFC (0x0702)
06:32:40: ppp67 LCP: ACFC (0x0802)
06:32:40: ppp67 LCP: I CONFREJ [ACKsent] id 1 len 19
06:32:40: ppp67 LCP: MRRU 1524 (0x110405F4)
06:32:40: ppp67 LCP: EndpointDisc 1 R2A-7200 (0x130B015232412D37323030)
06:32:40: ppp67 LCP: O CONFREQ [ACKsent] id 2 len 24
06:32:40: ppp67 LCP: ACCM 0x000A0000 (0x0206000A0000)
06:32:40: ppp67 LCP: AuthProto PAP (0x0304C023)
06:32:40: ppp67 LCP: MagicNumber 0x1ABD01EF (0x05061ABD01EF)
06:32:40: ppp67 LCP: PFC (0x0702)
06:32:40: ppp67 LCP: ACFC (0x0802)
06:32:41: ppp67 LCP: I CONFACK [ACKsent] id 2 len 24
06:32:41: ppp67 LCP: ACCM 0x000A0000 (0x0206000A0000)
06:32:41: ppp67 LCP: AuthProto PAP (0x0304C023)
06:32:41: ppp67 LCP: MagicNumber 0x1ABD01EF (0x05061ABD01EF)
06:32:41: ppp67 LCP: PFC (0x0702)
06:32:41: ppp67 LCP: ACFC (0x0802)
06:32:41: ppp67 LCP: State is Open
06:32:41: ppp67 PPP: Phase is AUTHENTICATING, by this end
06:32:41: ppp67 LCP: I IDENTIFY [Open] id 6 len 18 magic 0x6A722D66 MSRASV5.10
06:32:41: ppp67 LCP: I IDENTIFY [Open] id 7 len 21 magic 0x6A722D66 MSRAS-0-RAMYA
06:32:41: ppp67 PAP: I AUTH-REQ id 38 len 30 from "test@rw.test.tcl"
06:32:41: ppp67 PAP: Authenticating peer test@rw.test.tcl
06:32:41: ppp67 PPP: Phase is FORWARDING, Attempting Forward
06:32:41: ppp67 PPP: Phase is AUTHENTICATING, Unauthenticated User
06:32:41: ppp67 PAP: O AUTH-NAK id 38 len 26 msg is "Authentication failed"
06:32:41: ppp67 PPP: Sending Acct Event[Down] id[A2]
06:32:41: ppp67 PPP: Phase is TERMINATING
06:32:41: ppp67 LCP: O TERMREQ [Open] id 3 len 4
06:32:41: ppp67 PPP: Received Disconnect from Lower Layer
06:32:41: ppp67 LCP: O TERMREQ [TERMsent] id 3 len 4
06:32:41: ppp67 PPP: Dynamic send error, close LCP
06:32:41: ppp67 LCP: State is Closed
06:32:41: ppp67 PPP: Phase is DOWN
06:32:41: ppp67 PPP: Phase is TERMINATING
The L2TP tunnel is seen to be established for a fraction of a second, but immediately disconnects due to authentication problem.
Note : There is no username or password error in this case.
Has anyone any idea on this?
10-07-2008 01:13 PM
If you enabled "l2tp hidden" command it causes additional security if PPP is using PAP or proxy authentication between the LAC and LNS tunnel cannot be established
If you disable "no l2tp hidden" then everything works fine
For further information click this link.
http://www.cisco.com/en/US/docs/ios/11_3/feature/guide/l2tp.html#wp9947
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: