L2TP Client-Initiated Tunneling

Answered Question
Aug 13th, 2010
User Badges:

Hello,


I am trying to configure L2TP Client-Initiate Tunneling on a cisco 1941 with C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(2)T0a, RELEASE SOFTWARE (fc1).


I have two 1941 and trying to tunnel the VLAN's across a point to point T1 connection.  The reason for this is because one of the vlans on the remote end needs to be in a DMZ.  The problem that I am having is that is allows me to setup the l2tp class but the pseudowire-class command is not available.  Is there somthing I am missing? According to Feature Navigator L2TP Client-Initiate Tunneling is available in the IOS I am using.


Thanks,


Christopher Ronse


Correct Answer by Tod Larson about 6 years 8 months ago

For L2TP in IOS 15 you need the data license.


"sh ver" IOS 15 gives you output similar to this (note that this output only has the ipbase license so it needs the data license for L2TP).

----------------------------------------------------------------
Technology    Technology-package          Technology-package
               Current       Type          Next reboot
-----------------------------------------------------------------
ipbase        ipbasek9      None          ipbasek9
security      None          None          None
uc            None          None          None
data          None          None          None



In order to receive licenses for any testing or demo purposes, you may
either register online at
https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet?DemoKeys=Y



"sh license uid" gives you the corred PID and serial number to use in the above link.


Then, when you get your evaluation licenes you need to load it in the router.

1) First you have you configure the router to accept a license.  In config mode you have to run a "load module ..." command.  I can't remember the exact syntax for that command.  But the router won't accept a new license until you run this command.  Save the config using "copy run start."

2) tftp the license to your flash

3) in ENABLE mode you run "license install licensename.lic"

4) do a "sh ver" to ensure that the "Tech package" will be installed on the next reboot.

5) reload the router and you are ready to go.


Finally, after you have evaluate the feature, of course you need to buy a permanent data license and then install it.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Chetan Kumar Ress Fri, 08/13/2010 - 12:10
User Badges:
  • Silver, 250 points or more

Hi Christopher,


The issue is with your IOS , your IOS support only L2TP Client-Initiate Tunneling  feature that means :


L2TP client-initiated tunneling allows the client router to initiate Layer 2 tunnels. The client establishes a tunnel to the customer network without an intermediate NAS participating in the tunnel negotiation and establishment. The customer manages the client software that initiates the tunnel.


& in your senario you requried L2 Tunnel feature also in your IOS to configure pseudowire-class and that not support your IOS

without pseudowire-class you can't specify L2TP protocol.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtvoltun.html#wp1054145

Regards

Chetan kumar

http://chetanress.blogspot.com

christopher.ronse Fri, 08/13/2010 - 12:56
User Badges:

Hi Chetan,


I guess what is confuding me is IOS 15.  According to feature navigator it shows L2TP and L2TPv3 in the IOS 15 version that I am using.


Thanks,


Christopher Ronse

christopher.ronse Fri, 08/13/2010 - 13:22
User Badges:

Nevermind I think I need to get the SNA license for with IOS 15.


Thanks,


Christopher Ronse

Correct Answer
Tod Larson Sun, 08/15/2010 - 05:33
User Badges:

For L2TP in IOS 15 you need the data license.


"sh ver" IOS 15 gives you output similar to this (note that this output only has the ipbase license so it needs the data license for L2TP).

----------------------------------------------------------------
Technology    Technology-package          Technology-package
               Current       Type          Next reboot
-----------------------------------------------------------------
ipbase        ipbasek9      None          ipbasek9
security      None          None          None
uc            None          None          None
data          None          None          None



In order to receive licenses for any testing or demo purposes, you may
either register online at
https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet?DemoKeys=Y



"sh license uid" gives you the corred PID and serial number to use in the above link.


Then, when you get your evaluation licenes you need to load it in the router.

1) First you have you configure the router to accept a license.  In config mode you have to run a "load module ..." command.  I can't remember the exact syntax for that command.  But the router won't accept a new license until you run this command.  Save the config using "copy run start."

2) tftp the license to your flash

3) in ENABLE mode you run "license install licensename.lic"

4) do a "sh ver" to ensure that the "Tech package" will be installed on the next reboot.

5) reload the router and you are ready to go.


Finally, after you have evaluate the feature, of course you need to buy a permanent data license and then install it.

awrutherford Sun, 04/28/2013 - 21:57
User Badges:

Although I understand and agree it's a licensing issue, this keeps causing me grief for two reasons:


1) We do work for customers in remote areas of Pacific islands where there is only one choice of ISP, who requires client initiated L2TP.


We tell our clients "check with Feature Navigator the solution you propose has these features", they do this, and then it doesn't work because of the next point...


2) Feature Navigator says one doesn't need the data license for "L2TP Client Initiated Tunneling". For example, if I do a "Research Software" and select IOS, 15.3T, 15.3(2)T, platform "2921", feature set "Universal (IP Base)", it lists among 13 features that start with the string L2TP:


L2TP Client Initiated Tunneling

L2TP Dial-Out


... and the client gets surprised when it won't let them put in the L2TP configuration.


Obviously this combination is intensly frustrating, and Cisco still don't seem to have fixed it over two years later. :-(

Actions

This Discussion