Client Initiated L2TP - IPCP Issue

Unanswered Question
Dec 16th, 2009
User Badges:

Hi,


I´ve been trying to setup a client initiated L2TP tunnel and the PPP negotiation stucks at IPCP negotiation, as follows:


007774: Dec 15 17:05:29.359 UTC: Vp1 PPP: Phase is ESTABLISHING, Finish LCP
007775: Dec 15 17:05:29.359 UTC: Vp1 PPP: Phase is UP
007776: Dec 15 17:05:29.359 UTC: Vp1 IPCP: O CONFREQ [Closed] id 1 len 10
007777: Dec 15 17:05:29.359 UTC: Vp1 IPCP:    Address 0.0.0.0 (0x030600000000)
007778: Dec 15 17:05:29.363 UTC: Vp1 PPP: Process pending ncp packets
007779: Dec 15 17:05:29.371 UTC: Vp1 IPCP: I CONFNAK [REQsent] id 1 len 10
007780: Dec 15 17:05:29.375 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007781: Dec 15 17:05:29.375 UTC: Vp1 IPCP: O CONFREQ [REQsent] id 2 len 10
007782: Dec 15 17:05:29.375 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007783: Dec 15 17:05:29.391 UTC: Vp1 IPCP: I CONFACK [REQsent] id 2 len 10
007784: Dec 15 17:05:29.391 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007785: Dec 15 17:05:30.359 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to up
007786: Dec 15 17:05:31.359 UTC: Vp1 IPCP: Timeout: State ACKrcvd
007787: Dec 15 17:05:31.359 UTC: Vp1 IPCP: O CONFREQ [ACKrcvd] id 3 len 10
007788: Dec 15 17:05:31.359 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007789: Dec 15 17:05:31.379 UTC: Vp1 IPCP: I CONFACK [REQsent] id 3 len 10
007790: Dec 15 17:05:31.379 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007791: Dec 15 17:05:33.375 UTC: Vp1 IPCP: Timeout: State ACKrcvd
007792: Dec 15 17:05:33.375 UTC: Vp1 IPCP: O CONFREQ [ACKrcvd] id 4 len 10
007793: Dec 15 17:05:33.375 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007794: Dec 15 17:05:33.407 UTC: Vp1 IPCP: I CONFACK [REQsent] id 4 len 10
007795: Dec 15 17:05:33.411 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007796: Dec 15 17:05:35.391 UTC: Vp1 IPCP: Timeout: State ACKrcvd
007797: Dec 15 17:05:35.391 UTC: Vp1 IPCP: O CONFREQ [ACKrcvd] id 5 len 10
007798: Dec 15 17:05:35.391 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007799: Dec 15 17:05:35.403 UTC: Vp1 IPCP: I CONFACK [REQsent] id 5 len 10
007800: Dec 15 17:05:35.403 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007801: Dec 15 17:05:37.407 UTC: Vp1 IPCP: Timeout: State ACKrcvd
007802: Dec 15 17:05:37.407 UTC: Vp1 IPCP: O CONFREQ [ACKrcvd] id 6 len 10
007803: Dec 15 17:05:37.407 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007804: Dec 15 17:05:37.415 UTC: Vp1 IPCP: I CONFACK [REQsent] id 6 len 10
007805: Dec 15 17:05:37.415 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007806: Dec 15 17:05:39.423 UTC: Vp1 IPCP: Timeout: State ACKrcvd
007807: Dec 15 17:05:39.423 UTC: Vp1 IPCP: O CONFREQ [ACKrcvd] id 7 len 10
007808: Dec 15 17:05:39.423 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007809: Dec 15 17:05:39.435 UTC: Vp1 IPCP: I CONFACK [REQsent] id 7 len 10
007810: Dec 15 17:05:39.435 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007811: Dec 15 17:05:41.439 UTC: Vp1 IPCP: Timeout: State ACKrcvd
007812: Dec 15 17:05:41.439 UTC: Vp1 IPCP: O CONFREQ [ACKrcvd] id 8 len 10
007813: Dec 15 17:05:41.439 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007814: Dec 15 17:05:41.447 UTC: Vp1 IPCP: I CONFACK [REQsent] id 8 len 10
007815: Dec 15 17:05:41.447 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007816: Dec 15 17:05:43.455 UTC: Vp1 IPCP: Timeout: State ACKrcvd


If I try to shutdown and no shutdown the interface Virtual-PPP, I always see the same behavior. After the router reboot, the PPP link also doesn´t bring up.


Sometimes, when I drop the L2TP tunnel or the LNS does the same, I can see the following negotiation and the IPCP finishes the negotiation and the PPP interface goes up:


007857: Dec 15 17:08:38.580 UTC: Vp1 PPP SSS: Receive SSS-Mgr Connect-Local
007858: Dec 15 17:08:38.584 UTC: Vp1 PPP: Phase is ESTABLISHING, Finish LCP
007859: Dec 15 17:08:38.584 UTC: Vp1 PPP: Phase is UP
007860: Dec 15 17:08:38.584 UTC: Vp1 IPCP: O CONFREQ [Closed] id 1 len 10
007861: Dec 15 17:08:38.584 UTC: Vp1 IPCP:    Address 0.0.0.0 (0x030600000000)
007862: Dec 15 17:08:38.584 UTC: Vp1 PPP: Process pending ncp packets
007863: Dec 15 17:08:38.588 UTC: Vp1 IPCP: Redirect packet to Vp1
007864: Dec 15 17:08:38.588 UTC: Vp1 IPCP: I CONFREQ [REQsent] id 1 len 10
007865: Dec 15 17:08:38.588 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007866: Dec 15 17:08:38.588 UTC: Vp1 IPCP: O CONFACK [REQsent] id 1 len 10
007867: Dec 15 17:08:38.588 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007868: Dec 15 17:08:38.600 UTC: Vp1 IPCP: I CONFNAK [ACKsent] id 1 len 10
007869: Dec 15 17:08:38.600 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007870: Dec 15 17:08:38.600 UTC: Vp1 IPCP: O CONFREQ [ACKsent] id 2 len 10
007871: Dec 15 17:08:38.600 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007872: Dec 15 17:08:38.608 UTC: Vp1 IPCP: I CONFACK [ACKsent] id 2 len 10
007873: Dec 15 17:08:38.612 UTC: Vp1 IPCP:    Address 10.1.2.245 (0x03060A0102F5)
007874: Dec 15 17:08:38.612 UTC: Vp1 IPCP: State is Open
007875: Dec 15 17:08:38.612 UTC: Vp1 IPCP: Install negotiated IP interface address 10.1.2.245
007876: Dec 15 17:08:38.616 UTC: Vp1 IPCP: Route not installed to our address 10.1.2.245
007877: Dec 15 17:08:39.584 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to up


I´ve noticed when the IPCP negotiation works, the LNS replies with a CONFREQ for the first IPCP IP-Address request (in bold) and my router replies with a CONFACK for this. At all the other situations, the LNS replies with a CONFNAK and append the right IP to this reply and my router never replies a CONFACK (always CONFREQ) and the IPCP never finishes.


I´ve checked the RFC 1332 and following the RFC, the LNS SHOULD reply a CONFNAK with the IP address option, as I´ve been receiving, but it doesn´t work.


Follows the Virtual-PPP interface configuration:


!

interface Virtual-PPP1
ip address negotiated
ip mtu 1400
ip virtual-reassembly
no cdp enable
ppp lcp predictive

ppp authentication pap

ppp pap sent-username XXXX password XXXX
pseudowire X.X.X.X 1 encapsulation l2tpv2 pw-class GeneralSoft-PW
!


The L2TP tunnel appears to be fine:


L2TP Tunnel and Session Information Total tunnels 1 sessions 1

LocID RemID Remote Name   State  Remote Address  Port  Sessions L2TP Class/VPDN Group
23458 4     L2TP-GW       est    200.143.24.148  1701  1        l2tp_default_cl


LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq ID
                                 Vcid, Circuit
6          96         23458      1, Vp1               est    06:45:31 1


Router is a 1721 with IOS c1700-sy7-mz.124-25b.bin .


Thanks and my best regards,

Carlos Covolo

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion