09-29-2009 11:11 AM - edited 03-01-2019 04:25 PM
Introduction:
This document talks about the LAC configuration which terminated PPPoE connection from PPPoE client and based on the username i.e domain, it runnels the user via L2TP tunnel to LNS.
For PPPoE client configuration, visit
https://supportforums.cisco.com/docs/DOC-6050
In this setup, if any user comes in with cisco.com as a domain name as a part of the username ( for exa. ParamPreet@cisco.com) , it will be tunneled to LNS via L2TP. Users with username other than using cisco.com as a domain name will be terminated locally on this router as a LAC.
Topology:
ASR1006#sh ver
Cisco IOS Software, IOS-XE Software (PPC_LINUX_IOSD-ADVENTERPRISEK9-M), Version 12.2(33)XND, RELEASE SOFTWARE (fc2)
<snip>
ASR1006#
ASR1006#sh run
Building configuration...
Current configuration : 4346 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname ASR1006
!
boot-start-marker
boot system bootflash:asr1000rp1-adventerprisek9.02.04.00.122-33.XND.bin
boot-end-marker
!
vrf definition AMTELECOM.COM
rd 36125:101
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 65535
enable secret 5 $1$nzyp$yRFDDr/LTY9qqfn.70C6f0
!
aaa new-model
!
!
aaa group server radius CISCO-ACS-RADIUS
server-private 172.16.156.61 auth-port 1645 acct-port 1646 key SECRET
!
aaa group server radius AMTELECOM-ACS-RADIUS
server-private 172.16.156.61 auth-port 1812 acct-port 1813 key SECRET
!
!AAA configuration
aaa authentication ppp CISCO-ACS-AUTH group CISCO-ACS-RADIUS
aaa authentication ppp AMTELECOM-ACS-AUTH group AMTELECOM-ACS-RADIUS
aaa authorization network AUTHORIZATION-PPP group CISCO-ACS-RADIUS
aaa authorization subscriber-service default local
!
!
!
!
!
aaa session-id common
ip subnet-zero
ip source-route
no ip domain lookup
!
!
!
!
service-policy type control L2-ACCESS
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group LAC
request-dialin
protocol l2tp
domain cisco.com
! This vpdn-group is configured to tunnel users with cisco.com as a domain name
initiate-to ip 172.16.167.54
!Ip address of LNS
source-ip 172.16.163.48
!Ip address to be used as a source for l2tp packets
local name LAC
!Local name to be used for L2TP tunnel authetnication
l2tp tunnel password 0 cisco
!
!L2TP tunnel password
!
username ASR1006 password 0 cisco
username UBR10K-WIDE password 0 cisco
username LNS password 0 cisco
username LAC password 0 cisco
!
redundancy
mode none
!
!
!
!
!
class-map type control match-any AMTELECOM-DOMAIN
match unauthenticated-domain amtelecom.com
match unauthenticated-domain amtelecom.net
!
class-map type control match-all CISCO-DOMAIN
match unauthenticated-domain cisco.com
!
class-map type control match-all match_protocol_ppp
match protocol ppp
!
policy-map type service CISCO-SERVICE
service vpdn group LAC
!
policy-map type service AMTELECOM-SERVICE
!
policy-map type control DOMAIN-BASED-ACCESS
class type control CISCO-DOMAIN event session-start
1 authenticate aaa list CISCO-ACS-AUTH
2 service-policy type service name CISCO-SERVICE
!
class type control AMTELECOM-DOMAIN event session-start
1 authenticate aaa list AMTELECOM-ACS-AUTH
2 authorize aaa list AUTHORIZATION-PPP identifier authenticated-username
3 service-policy type service name AMTELECOM-SERVICE
!
!
policy-map type control L2-ACCESS
class type control match_protocol_ppp event session-start
1 collect identifier unauthenticated-domain
2 service-policy type control DOMAIN-BASED-ACCESS
!
!
policy-map type control amtelecom.com
!
!
!
!
bba-group pppoe MAIN-BBA
virtual-template 1
!
!
interface Loopback1
ip address 2.2.2.1 255.255.255.255
!
interface GigabitEthernet0/0/0
ip address 172.16.163.48 255.255.255.224
negotiation auto
cdp enable
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
cdp enable
!
interface GigabitEthernet0/0/1.666
encapsulation dot1Q 666
ip address 10.1.1.1 255.255.255.0
pppoe enable group MAIN-BBA
cdp enable
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
cdp enable
!
interface GigabitEthernet0/0/3
no ip address
shutdown
negotiation auto
cdp enable
!
interface ATM0/1/0
no ip address
no atm enable-ilmi-trap
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
cdp enable
!
interface Virtual-Template1
! For local user termination which are not supposed to be tunneled.
description amtelecom.net ADSL Subscribers
mtu 800
ip unnumbered Loopback1
no ip proxy-arp
peer default ip address pool PPPoE-POOL
ppp authentication pap chap CISCO-ACS-AUTH
ppp ipcp dns 67.58.192.10 67.58.192.11
!
interface Group-Async0
physical-layer async
no ip address
encapsulation slip
!
ip local pool PPPoE-POOL 10.1.1.2 10.1.1.254
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.163.33
!
no ip http server
no ip http secure-server
!
!
!
radius-server attribute 8 include-in-access-req
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
privilege level 15
password cisco
stopbits 1
line vty 0 4
exec-timeout 60 0
privilege level 15
password cisco
logging synchronous
line vty 5 10
exec-timeout 60 0
privilege level 15
password cisco
logging synchronous
!
end
Tunnel setup messages along with user session setup messages that are being exchanged between LAC and LNS
The LAC decides that a tunnel must be initiated from the LAC to the LNS.
1. The LAC sends a Start-Control-Connection-Request (SCCRQ). A CHAP challenge and AV Pairs are included in this message.
2. The LNS responds with a Start-Control-Connection-Reply (SCCRP). A CHAP challenge, the response to LAC's challenge and AV Pairs are included in this message.
3. The LAC sends a Start-Control-Connection-Connected (SCCCN). The CHAP response is included in this message.
4. The LNS responds with a Zero-Length Body Acknowledgement (ZLB ACK). That acknowledgement may be carried in another message. The tunnel is up.
5. The LAC sends an Incoming-Call-Request (ICRQ) to the LNS.
6. The LNS responds with an Incoming-Call-Reply (ICRP) message.
7. The LAC sends an Incoming-Call-Connected (ICCN).
8. The LNS responds back with a ZLB ACK. That acknowledgement may also be carried in another message.
9. The session is up.
Note: The messages above used for opening a tunnel or a session carry Attribute Value Pairs (AVPs) defined in RFC 2661. They describe properties and information (such as Bearercap, hostname, vendor name and window size). Some AV pairs are mandatory and others are optional.
Note: A Tunnel ID is used to multiplex and demultiplex tunnels between the LAC and LNS. A session ID is used to identify a particular session with the tunnel.
For L2F, the setup for tunneling a PPP session is the same as for L2TP. It involves:
1. Establishing a tunnel between the NAS and the Home Gateway. This phase takes place only when there is no active tunnel between both devices.
2. Establishing a session between the NAS and the Home Gateway.
ASR1006-1#sh debug
General OS:
AAA Authentication debugging is on
AAA Authorization debugging is on
PPP:
PPP authentication debugging is on
PPP authorization debugging is on
PPP protocol negotiation debugging is on
PPPoE:
PPPoE protocol events debugging is on
PPPoE control packets debugging is on
PPPoE protocol errors debugging is on
VPN:
L2TP/PPTP protocol events debugging is on
L2TP/PPTP data packet debugging is on
L2TP/PPTP control packet debugging is on
L2TP/PPTP protocol errors debugging is on
RADIUS:
Radius protocol debugging is on
Radius protocol brief debugging is off
Radius protocol verbose debugging is off
Radius packet hex dump debugging is off
Radius packet protocol debugging is on
Radius packet retransmission debugging is off
Radius server fail-over debugging is off
Radius elog debugging is off
ASR1006#
*Sep 21 14:09:44.668: PPPoE 0: I PADI R:001b.d4ee.63c1 L:ffff.ffff.ffff 666 Gi0/0/1.666
contiguous pak, size 36
FF FF FF FF FF FF 00 1B D4 EE 63 C1 81 00 02 9A
88 63 11 09 00 00 00 0C 01 01 00 00 01 03 00 04
48 3A 81 9C
*Sep 21 14:09:44.668: Service tag: NULL Tag
*Sep 21 14:09:44.668: PPPoE 0: O PADO, R:0024.14ab.d701 L:001b.d4ee.63c1 666 Gi0/0/1.666
*Sep 21 14:09:44.668: Service tag: NULL Tag
contiguous pak, size 74
00 1B D4 EE 63 C1 00 24 14 AB D7 01 81 00 02 9A
88 63 11 07 00 00 00 32 01 01 00 00 01 03 00 04
48 3A 81 9C 01 02 00 0E 42 41 52 49 2D 41 53 52
31 30 30 36 2D 31 01 04 00 10 B5 A6 9C 64 34 D8
E3 56 66 10 B5 3F 2D A5 ...
ASR1006#
*Sep 21 14:09:46.624: PPPoE 0: I PADR R:001b.d4ee.63c1 L:0024.14ab.d701 666 Gi0/0/1.666
contiguous pak, size 74
00 24 14 AB D7 01 00 1B D4 EE 63 C1 81 00 02 9A
88 63 11 19 00 00 00 32 01 01 00 00 01 03 00 04
48 3A 81 9C 01 02 00 0E 42 41 52 49 2D 41 53 52
31 30 30 36 2D 31 01 04 00 10 B5 A6 9C 64 34 D8
E3 56 66 10 B5 3F 2D A5 ...
*Sep 21 14:09:46.624: Service tag: NULL Tag
*Sep 21 14:09:46.624: PPPoE : encap string prepared
*Sep 21 14:09:46.624: [26]PPPoE 26: Access IE handle allocated
*Sep 21 14:09:46.624: [26]PPPoE 26: AAA get retrieved attrs
*Sep 21 14:09:46.624: [26]PPPoE 26: AAA get nas port details
*Sep 21 14:09:46.624: AAA/BIND(0000002A): Bind i/f Virtual-Template1
*Sep 21 14:09:46.624: [26]PPPoE 26: AAA get dynamic attrs
*Sep 21 14:09:46.624: [26]PPPoE 26: AAA unique ID allocated
*Sep 21 14:09:46.624: [26]PPPoE 26: No AAA accounting method list
*Sep 21 14:09:46.624: [26]PPPoE 26: Service request sent to SSS
*Sep 21 14:09:46.625: [26]PPPoE 26: Created, Service: None R:0024.14ab.d701 L:001b.d4ee.63c1 666 Gi0/0/1.666
*Sep 21 14:09:46.626: [26]PPPoE 26: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
*Sep 21 14:09:46.626: PPP: Alloc Context [34846A2C]
*Sep 21 14:09:46.626: ppp26 PPP: Phase is ESTABLISHING
*Sep 21 14:09:46.626: ppp26 PPP: Using AAA Unique Id = 2A
*Sep 21 14:09:46.626: [26]PPPoE 26: data path set to PPP
*Sep 21 14:09:46.626: [26]PPPoE 26: Segement (SSS class): PROVISION
*Sep 21 14:09:46.626: [26]PPPoE 26: State PROVISION_PPP Event SSM PROVISIONED
*Sep 21 14:09:46.627: [26]PPPoE 26: O PADS R:001b.d4ee.63c1 L:0024.14ab.d701 Gi0/0/1.666
contiguous pak, size 74
00 1B D4 EE 63 C1 00 24 14 AB D7 01 81 00 02 9A
88 63 11 65 00 1A 00 32 01 01 00 00 01 03 00 04
48 3A 81 9C 01 02 00 0E 42 41 52 49 2D 41 53 52
31 30 30 36 2D 31 01 04 00 10 B5 A6 9C 64 34 D8
E3 56 66 10 B5 3F 2D A5 ...
*Sep 21 14:09:46.627: [26]PPPoE 26: Failed to Add ANCP Line attributes to the PPPoE Authen attributes
*Sep 21 14:09:46.627: AAA/AUTHOR (0000002A): Method list id=0 not configured. Skip author
*Sep 21 14:09:46.627: ppp26 PPP: Authorization NOT required
*Sep 21 14:09:46.627: ppp26 PPP: Using vpn set call direction
*Sep 21 14:09:46.627: ppp26 PPP: Treating connection as a callin
*Sep 21 14:09:46.627: ppp26 PPP: Session handle[FF00001A] Session id[26]
*Sep 21 14:09:46.627: ppp26 LCP: Event[OPEN] State[Initial to Starting]
*Sep 21 14:09:46.627: ppp26 PPP LCP: Enter passive mode, state[Stopped]
*Sep 21 14:09:46.630: ppp26 LCP: I CONFREQ [Stopped] id 1 len 10
*Sep 21 14:09:46.630: ppp26 LCP: MagicNumber 0x1D104E53 (0x05061D104E53)
*Sep 21 14:09:46.630: ppp26 LCP: O CONFREQ [Stopped] id 1 len 18
*Sep 21 14:09:46.630: ppp26 LCP: MRU 800 (0x01040320)
*Sep 21 14:09:46.630: ppp26 LCP: Aut
ASR1006#hProto PAP (0x0304C023)
*Sep 21 14:09:46.630: ppp26 LCP: MagicNumber 0x2552192B (0x05062552192B)
*Sep 21 14:09:46.630: ppp26 LCP: O CONFACK [Stopped] id 1 len 10
*Sep 21 14:09:46.630: ppp26 LCP: MagicNumber 0x1D104E53 (0x05061D104E53)
*Sep 21 14:09:46.630: ppp26 LCP: Event[Receive ConfReq+] State[Stopped to ACKsent]
*Sep 21 14:09:46.631: ppp26 LCP: I CONFNAK [ACKsent] id 1 len 13
*Sep 21 14:09:46.631: ppp26 LCP: MRU 1500 (0x010405DC)
*Sep 21 14:09:46.631: ppp26 LCP: AuthProto CHAP (0x0305C22305)
*Sep 21 14:09:46.631: ppp26 LCP: O CONFREQ [ACKsent] id 2 len 19
*Sep 21 14:09:46.631: ppp26 LCP: MRU 1500 (0x010405DC)
*Sep 21 14:09:46.631: ppp26 LCP: AuthProto CHAP (0x0305C22305)
*Sep 21 14:09:46.631: ppp26 LCP: MagicNumber 0x2552192B (0x05062552192B)
*Sep 21 14:09:46.631: ppp26 LCP: Event[Receive ConfNak/Rej] State[ACKsent to ACKsent]
*Sep 21 14:09:46.633: ppp26 LCP: I CONFACK [ACKsent] id 2 len 19
*Sep 21 14:09:46.633: ppp26 LCP: MRU 1500 (0x010405DC)
*Sep 21 14:09:46.633: ppp26 LCP: AuthProto CHAP (0x0305C22305)
*Sep 21 14:09:46.633: ppp26 LCP: MagicNumber 0x2552192B (0x05062552192B)
*Sep 21 14:09:46.633: ppp26 LCP: Event[Receive ConfAck] State[ACKsent to Open]
*Sep 21 14:09:46.659: ppp26 PPP: Phase is AUTHENTICATING, by this end
*Sep 21 14:09:46.659: ppp26 CHAP: O CHALLENGE id 1 len 35 from "ASR1006"
*Sep 21 14:09:46.659: ppp26 LCP: State is Open
*Sep 21 14:09:46.661: ppp26 CHAP: I RESPONSE id 1 len 36 from ParamPreet@cisco.com
! username with cisco.com as a domain name is received
*Sep 21 14:09:46.661: ppp26 PPP: Phase is FORWARDING, Attempting Forward
*Sep 21 14:09:46.663: ppp26 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Sep 21 14:09:46.663: AAA/AUTHEN/PPP (0000002A): Pick method list 'CISCO-ACS-AUTH'
*Sep 21 14:09:46.663: ppp26 PPP: Sent CHAP LOGIN Request
*Sep 21 14:09:46.663: RADIUS/ENCODE(0000002A):Orig. component type = PPoE
*Sep 21 14:09:46.663: RADIUS: AAA Unsupported Attr: interface [201] 9
*Sep 21 14:09:46.663: RADIUS: 30 2F 30 2F 31 2F 36 [ 0/0/1/6]
*Sep 21 14:09:46.663: RADIUS: AAA Unsupported Attr: client-mac-address[44] 14
*Sep 21 14:09:46.663: RADIUS: 30 30 31 62 2E 64 34 65 65 2E 36 33 [ 001b.d4ee.63]
*Sep 21 14:09:46.663: RADIUS(0000002A): Config NAS IP: 0.0.0.0
*Sep 21 14:09:46.663: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
*Sep 21 14:09:46.663: RADIUS/ENCODE(0000002A): acct_session_id: 32
*Sep 21 14:09:46.663: RADIUS(0000002A): sending
*Sep 21 14:09:46.663: RADIUS/ENCODE: Best Local IP-Address 172.16.163.48 for Radius-Server 172.16.156.61
*Sep 21 14:09:46.663: RADIUS(0000002A): Send Access-Request to 172.16.156.61:1645 id 1645/28, len 97
*Sep 21 14:09:46.663: RADIUS: authenticator 51 2E 93 02 2B EA F0 2D - C9 B8 D2 42 D1 39 F2 3B
*Sep 21 14:09:46.663: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Sep 21 14:09:46.663: RADIUS: User-Name [1] 17 "ParamPreet@cisco.com"
*Sep 21 14:09:46.663: RADIUS: CHAP-Password [3] 19 *
*Sep 21 14:09:46.663: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Sep 21 14:09:46.663: RADIUS: NAS-Port [5] 6 0
*Sep 21 14:09:46.663: RADIUS: NAS-Port-Id [87] 11 "0/0/1/666"
*Sep 21 14:09:46.664: RADIUS: Service-Type [6] 6 Framed [2]
*Sep 21 14:09:46.664: RADIUS: NAS-IP-Address [4] 6 172.16.163.48
*Sep 21 14:09:46.670: RADIUS: Received from id 1645/28 172.16.156.61:1645, Access-Accept, len 52
*Sep 21 14:09:46.670: RADIUS: authenticator CE D3 60 8A 67 B8 48 5B - 32 79 2A 5F 66 F2 3D E1
*Sep 21 14:09:46.670: RADIUS: Framed-IP-Address [8] 6 2.2.2.4
*Sep 21 14:09:46.670: RADIUS: Class [25] 26
*Sep 21 14:09:46.670: RADIUS: 43 41 43 53 3A 30 2F 31 32 34 37 61 62 2F 61 63 [CACS:0/1247ab/ac]
*Sep 21 14:09:46.670: RADIUS: 31 30 61 33 33 30 2F 30 [ 10a330/0]
*Sep 21 14:09:46.671: RADIUS(0000002A): Received from id 1645/28
*Sep 21 14:09:46.671: ppp26 PPP: Received LOGIN Response PASS
*Sep 21 14:09:46.671: ppp26 PPP AUTHOR: Author Data NOT Available
*Sep 21 14:09:46.671: ppp26 PPP: Phase is FORWARDING, Attempting Forward
*Sep 21 14:09:46.672: AAA/AUTHOR (0x2A): Pick method list 'default'
*Sep 21 14:09:46.673: ppp26 PPP: Receive Attrs from[SSS] Keep[NCPs] MERGE
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: username "CISCO-SERVICE"
*Se
ASR1006#p 21 14:09:46.673: ppp26 PPP: Skip Attr: password <hidden>
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: ip-addresses "172.16.167.54"
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: ip-address-limits "65535 "
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: tunnel-type 2 [l2tp]
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: sss-service 1 [vpdn]
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: vpdn-group "LAC"
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: tunnel-medium-type 1 [IPv4]
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: tunnel-id "LAC"
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: vpdn-group "LAC"
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: source-ip 172.16.163.48
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: l2tp-tunnel-authen "yes"
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: l2tp-tunnel-password <hidden>
*Sep 21 14:09:46.673: ppp26 PPP: Skip Attr: l2tp-silent-switchov 1 (0x1)
*Sep 21 14:09:46.674: [26]PPPoE 26: Access IE nas port called
*Sep 21 14:09:46.674: L2TUN APP: uid:26/handle/4118Peer AIE:2B00001A Peer-peer 00000000 Ours 00000000
! L2TP tunnel needs to be built for the user with domain name cisco.com
*Sep 21 14:09:46.674: L2TUN APP: uid:26/handle/4118New peer; get switch hdl 4121
*Sep 21 14:09:46.674: L2X _____:________: class [VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:09:46.674: L2X _____:________: created
*Sep 21 14:09:46.674: L2X _____:________: class [VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:09:46.674: L2X _____:________: App locked 0->1
*Sep 21 14:09:46.674: L2X _____:_____:________: Create logical session
*Sep 21 14:09:46.674: L2TP _____:_____:________: Create session
*Sep 21 14:09:46.674: L2TP _____:_____:________: App type set to VPDN
*Sep 21 14:09:46.674: L2TP 0001A:_____:________: UDP checksum ignore is enabled
*Sep 21 14:09:46.674: L2TP 0001A:_____:________: Sequencing default tx disabled
*Sep 21 14:09:46.674: L2TP 0001A:_____:________: Sequencing default rx disabled
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: Framing set to sync
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: Bearer set to none
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: Set HA epoch to 0
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: L2TPoUDP session needed between
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: 172.16.163.48:0<->172.16.167.54:0
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: Using ICRQ FSM
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: FSM-Sn ev created
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: FSM-Sn Init->Idle
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: FSM-Sn do none
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: remote ip set to 172.16.167.54
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: local ip set to 172.16.163.48
! Tunnel endpoints was determined
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: no cookies enabled
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: FSM-Sn ev App-Conn
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: FSM-Sn Idle->Wt-CC
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: FSM-Sn do App-Connect
*Sep 21 14:09:46.675: L2TP 0001A:_____:________: Find or create cc for session
*Sep 21 14:09:46.675: L2TP _____:________: Find cc between
*Sep 21 14:09:46.675: L2TP _____:________: 172.16.163.48<->172.16.167.54
*Sep 21 14:09:46.675: L2TP _____:________: with class: VPDN group LAC ip addr 172.16.167.54 client LAC
*Sep 21 14:09:46.675: L2TP _____:________: and group: "
*Sep 21 14:09:46.675: L2TP _____:________: and group: "VPDN group LAC ip addr 172.16.167.54 client LAC..."
*Sep 21 14:09:46.675: L2TP _____:________: and IP proto: L2TPoUDP
*Sep 21 14:09:46.675: L2TP _____:________: and framing type: sync
*Sep 21 14:09:46.675: L2TP _____:________: and bearer type: none
*Sep 21 14:09:46.675: L2TP _____:________: and version: V2
*Sep 21 14:09:46.675: L2TP _____:________: and local hostname: LAC
*Sep 21 14:09:46.675: L2TP _____:________: Need to instigate control channel
*Sep 21 14:09:46.675: L2X tnl 08016:________: Create logical tunnel
*Sep 21 14:09:46.675: L2TP tnl 08016:________: Create tunnel
*Sep 21 14:09:46.675: L2TP tnl 08016:________: version set to V2[1]
*Sep 21 14:09:46.675: L2TP tnl 08016:________: remote ip set to 172.16.167.54
*Sep 21 14:09:46.675: L2TP tnl 08016:________: local ip set to 172.16.163.48
*Sep 21 14:09:46.675: L2X _____:________: class [VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:09:46.675: L2X _____:________: Protocol locked 0->1
*Sep 21 14:09:46.675: L2TP tnl 08016:00008C1E: class name VPDN group LAC ip addr 172.16.167.54 client LAC
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: group set to "
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: group set to "VPDN group LAC ip addr 172.16.167.54 client LAC..."
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: FSM-CC ev Session-Conn
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: FSM-CC Idle->Wt-Sock
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: FSM-CC do Session-Conn-Sock
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Session count now 1
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: VPDN Session count now 1
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Open sock 172.16.163.48:1701->172.16.167.54:1701
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: FSM-CC ev Sock-Ready
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: FSM-CC Wt-Sock->Wt-SCCRP
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: FSM-CC do Tx-SCCRQ
! LAC is ready to send SCCRQ to create a tunnel with tunnel authenticaiton
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Tx SCCRQ to 172.16.167.54
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: adjust receiving window size for HA
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: IETF v2:
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Protocol Version 1, Revision 0
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Framing Cap none(0x0)
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Firmware Ver 0x1130
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Hostname "
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Hostname "LAC"
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Vendor Name
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: "
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: "Cisco Systems, Inc."
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Assigned Tunnel I 0x00008C1E (35870)
*Sep 21 14:09:46.676: L2TP tnl 08016:00008C1E: Recv Window Size 1024
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E: Challenge [16]
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E: 0x82074AF8B231A90583D6FCF36CD7A667
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E: PPPoE Relay Forward Capable Cisco v2:
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E: O SCCRQ 0/0 ns/nr 0/0. cur/max resendQ sz 0/4
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E: Tx SCCRQ, flg TLS, ver 2, len 142
*Sep 21 14:09:46.677: L2TP tnl 08016:00008C1E: tnl 0, ns 0, nr 0
*Sep 21 14:09:46.677: contiguous pak, size 142
C8 02 00 8E 00 00 00 00 00 00 00 00 80 08 00 00
00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00
00 03 00 00 00 00 00 08 00 00 00 06 11 30 80 09
00 00 00 07 4C 41 43 00 19 00 00 00 08 43 69 73
63 6F 20 53 79 73 74 65 6D 73 2C 20 49 6E 63 2E
80 08 00 00 00 09 8C 1E 80 08 00 00 00 0A 04 00
80 16 00 00 00 0B 82 07 4A F8 B2 31 A9 05 83 D6
FC F3 6C D7 A6 67 00 06 00 00 00 38 00 06 00 00
00 39 00 06 00 09 00 6E 00 06 00 09 00 6F
*Sep 21 14:09:46.677: L2TP 0001A:08016:00002A05: Session attached
*Sep 21 14:09:46.677: L2TP 0001A:08016:00002A05: FSM-Sn ev DP-Setup
*Sep 21 14:09:46.677: L2TP 0001A:08016:00002A05: FSM-Sn in Wt-CC
*Sep 21 14:09:46.677: L2TP 0001A:08016:00002A05: FSM-Sn do Ignore-DP-Setup
*Sep 21 14:09:46.677: [26]PPPoE 26: State LCP_NEGOTIATION Event PPP FORWARDING
*Sep 21 14:09:46.678: [26]PPPoE 26: Segement (SSS class): UPDATED
*Sep 21 14:09:46.678: [26]PPPoE 26: SSS switch updated
*Sep 21 14:09:47.676: L2X:Punting to L2TP control message queue
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: Drain unsentQ, cur/max resendQ sz 0/4, unsentQ 0
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 2, len 8, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 3, len 10, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 4, len 10, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 6, len 8, flag 0x0
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 7, len 9, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IET
ASR1006#F AVP 8, len 25, flag 0x0
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 9, len 8, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 10, len 8, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 11, len 22, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 13, len 22, flag 0x8000 (M)
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: No missing AVPs in SCCRP
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: Rx SCCRP, flg TLS, ver 2, len 150
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: tnl 35870, ns 0, nr 1
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: IETF v2:
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: Protocol Version 1, Revision 0
*Sep 21 14:09:47.677: L2TP tnl 08016:00008C1E: Framing Cap none(0x0)
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Bearer Cap none(0x0)
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Firmware Ver 0x1120
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Hostname "
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Hostname "LNS"
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Vendor Name
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: "
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: "Cisco Systems, Inc."
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Assigned Tunnel I 0x00005630 (22064)
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Recv Window Size 5000
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Challenge [16]
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: 0xFEEE5BE8CF5D1A17CA58A93DD69D2CA6
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Challenge Resp [16]
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: 0xB113C8371CCD6770287DF21E76CA44FB
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.678: contiguous pak, size 150
C8 02 00 96 8C 1E 00 00 00 00 00 01 80 08 00 00
00 00 00 02 80 08 00 00 00 02 01 00 80 0A 00 00
00 03 00 00 00 00 80 0A 00 00 00 04 00 00 00 00
00 08 00 00 00 06 11 20 80 09 00 00 00 07 4C 4E
53 00 19 00 00 00 08 43 69 73 63 6F 20 53 79 73
74 65 6D 73 2C 20 49 6E 63 2E 80 08 00 00 00 09
56 30 80 08 00 00 00 0A 13 88 80 16 00 00 00 0B
FE EE 5B E8 CF 5D 1A 17 CA 58 A9 3D D6 9D 2C A6
80 16 00 00 00 0D B1 13 C8 37 1C CD 67 70 28 7D
F2 1E 76 CA 44 FB
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: I SCCRP from LNS
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: FSM-CC ev Rx-SCCRP
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: FSM-CC Wt-SCCRP->Proc-SCCRP
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: FSM-CC do Rx-SCCRP
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Got a challenge in SCCRP from LNS
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Got a response in SCCRP from LNS
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Tunnel Authentication success
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Auth glob Challenge/Response AVP Passed, 5
*Sep 21 14:09:47.678: L2TP tnl 08016:00008C1E: Auth glob Overall Ignored, 11
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: FSM-CC ev SCCRP-OK
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: FSM-CC Proc-SCCRP->established
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: FSM-CC do Tx-SCCCN
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: Tx SCCCN to LNS tnl 22064
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: IETF v2:
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: Challenge Resp [16]
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: 0x202F8BFDA4EE702E8010961ED40FFD67
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: O SCCCN 22064/0 ns/nr 1/1. cur/max resendQ sz 0/10
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: Tx SCCCN, flg TLS, ver 2, len 42
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: tnl 22064, ns 1, nr 1
*Sep 21 14:09:47.679: contiguous pak, size 42
C8 02 00 2A 56 30 00 00 00 01 00 01 80 08 00 00
00 00 00 03 80 16 00 00 00 0D 20 2F 8B FD A4 EE
70 2E 80 10 96 1E D4 0F FD 67
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: Tunnel accounting send not possible - no id
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: Control channel up
*Sep 21 14:09:47.679: L2TP tnl 08016:00008C1E: 172.16.163.48<->172.16.167.54
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: FSM-Sn ev CC-Up
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: FSM-Sn Wt-CC->Wt-Sock
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: FSM-Sn do CC-Up
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: Session needs to have:
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: V2 PPTP
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: Peer cc can do:
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: V2
*Sep 21 14:09:47.679: L2TP 0001A:08016:00002A05: Open sock 172.16.163.48:1701->172.16.167.54:1701
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: FSM-Sn ev Sock-Ready
! Tunnel setup is finished and now user session needs to be transmitted to LNS
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: FSM-Sn Wt-Sock->Wt-Tx-ICRQ
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: FSM-Sn do Tx-ICRQ-Local-Check
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: FSM-Sn ev Local-Cont
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: FSM-Sn Wt-Tx-ICRQ->Wt-Rx-ICRP
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: FSM-Sn do Tx-ICRQ
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: Tx ICRQ to LNS 22064/0
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: IETF v2:
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: Assigned Call ID 0x00002A05 (10757)
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: Serial Number 3057500006
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: Bearer Type none(0)
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: Cisco v2:
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: Client NAS Port [9]
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: ""<0F><10><09><02><03><01><00><02><9A>"
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.680: L2TP 0001A:08016:00002A05: O ICRQ 22064/0 ns/nr 2/1. cur/max resendQ sz 1/10
*Sep 21 14:09:47.681: L2TP 0001A:08016:00002A05: Tx ICRQ, flg TLS, ver 2, len 63
*Sep 21 14:09:47.681: L2TP 0001A:08016:00002A05: tnl 22064, lsid 10757, rsid 0, ns 2, nr 1
*Sep 21 14:09:47.681: contiguous pak, size 63
C8 02 00 3F 56 30 00 00 00 02 00 01 80 08 00 00
00 00 00 0A 80 08 00 00 00 0E 2A 05 80 0A 00 00
00 0F B6 3D BF 66 80 0A 00 00 00 12 00 00 00 00
00 0F 00 09 00 64 0F 10 09 02 03 01 00 02 9A
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E: Drain unsentQ, cur/max resendQ sz 1/10, unsentQ 0
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E: Rx ZLB ACK, flg TLS, ver 2, len 12
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E: tnl 35870, ns 1, nr 2
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.681: contiguous pak, size 12
C8 02 00 0C 8C 1E 00 00 00 01 00 02
*Sep 21 14:09:47.681: L2X:Punting to L2TP control message queue
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E: ICRP: Perform early message digest validation
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E: Auth glob Overall Ignored, 12
*Sep 21 14:09:47.681: L2TP tnl 08016:00008C1E: Drain unsentQ, cur/max resendQ sz 0/10, unsentQ 0
*Sep 21 14:09:47.681: L2TP 0001A:08016:00002A05: L2TP: Parse IETF AVP 14, len 8, flag 0x8000 (M)
*Sep 21 14:09:47.682: L2TP tnl 08016:00008C1E: No missing AVPs in ICRP
*Sep 21 14:09:47.682: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: Rx ICRP, flg TLS, ver 2, len 28
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: tnl 35870, lsid 10757, rsid 0, ns 1, nr 3
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: IETF v2:
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: Assigned Call ID 0x00000002 (2)
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.682: contiguous pak, size 28
C8 02 00 1C 8C 1E 2A 05 00 01 00 03 80 08 00 00
00 00 00 0B 80 08 00 00 00 0E 00 02
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM-Sn ev Rx-ICRP
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM-Sn Wt-Rx-ICRP->Proc-ICRP
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM-Sn do Rx-ICRP
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: MTU is 65535
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: Dataplane provisioned, segment 8226
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: Remote AC is now UP
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: Local AC is now UP
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: VPDN: process AVPs
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM-Sn ev ICRP-OK
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM-Sn Proc-ICRP->Wt-Tx-ICCN
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM-Sn do Tx-ICCN-Local-Check
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.682: L2TP 0001A:08016:00002A05: FSM: ICCN->172.16.167.54 waiting for dataplane UP
*Sep 21 14:09:47.683: L2TP 0001A:08016:00002A05: Tx ZLB ACK to LNS 22064/2
*Sep 21 14:09:47.683: L2TP:(Tnl35870:Sn10757)L2X setup sss switching
*Sep 21 14:09:47.683: L2X:Session DB (Tnl/Sn: 35870/10757): Stored the switching session in the session DB
*Sep 21 14:09:47.683: L2TP:(Tnl35870:Sn10757)L2X s/w switching session provisioned
*Sep 21 14:09:47.683: L2TP:(Tnl35870:Sn10757)L2TP s/w session mode changed to L2_L2
*Sep 21 14:09:47.683: L2TP:(Tnl35870:Sn10757)L2X s/w switching session bound
*Sep 21 14:09:47.683: [26]PPPoE 26: Segment (SSS class): BOUND
*Sep 21 14:09:47.683: [26]PPPoE 26: data path set to SSS Switch
*Sep 21 14:09:47.684: L2TP 0001A:08016:00002A05: FSM-Sn ev DP-Up
*Sep 21 14:09:47.684: L2TP 0001A:08016:00002A05: FSM-Sn in Wt-Tx-ICCN
*Sep 21 14:09:47.684: L2TP 0001A:08016:00002A05: FSM-Sn do Tx-ICCN-Local-Check
*Sep 21 14:09:47.684: L2TP 0001A:08016:00002A05: FSM-Sn ev Local-Cont
*Sep 21 14:09:47.684: L2TP 0001A:08016:00002A05: FSM-Sn Wt-Tx-ICCN->established
*Sep 21 14:09:47.684: L2TP 0001A:08016:00002A05: FSM-Sn do Tx-ICCN
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Tx ICCN to LNS 22064/2
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: IETF v2:
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Framing Type sync(1)
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Connect Speed 100000000
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Last Sent LCPREQ [15]
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: 0x010405DC0305C2230505062552192B
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Last Rx LCPREQ [6] 0x05061D104E53
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Proxy Auth Type 2
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Proxy Auth Name
*Sep 21 14:09:47.685: L2T
ASR1006#P 0001A:08016:00002A05: ""ParamPreet@cisco.com"
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Proxy Auth Chal [16]
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: 0x512E93022BEAF02DC9B8D242D139F23B
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Proxy Auth ID 1
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Proxy Auth Resp [16]
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: 0xDF93463A1158B2FA5FD3182331E79C1E
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Rx Speed 100000000
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Cisco v2:
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05: Fixed CHAP Ch ID 0
*Sep 21 14:09:47.685: L2TP 0001A:08016:00002A05:
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: O ICCN 22064/2 ns/nr 3/2. cur/max resendQ sz 0/10
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: Tx ICCN, flg TLS, ver 2, len 171
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: tnl 22064, lsid 10757, rsid 2, ns 3, nr 2
*Sep 21 14:09:47.686: contiguous pak, size 171
C8 02 00 AB 56 30 00 02 00 03 00 02 80 08 00 00
00 00 00 0C 80 0A 00 00 00 13 00 00 00 01 80 0A
00 00 00 18 05 F5 E1 00 00 15 00 00 00 1B 01 04
05 DC 03 05 C2 23 05 05 06 25 52 19 2B 00 0C 00
00 00 1C 05 06 1D 10 4E 53 00 08 00 00 00 1D 00
02 00 15 00 00 00 1E 6A 61 79 75 32 40 63 69 73
63 6F 2E 63 6F 6D 00 16 00 00 00 1F 51 2E 93 02
2B EA F0 2D C9 B8 D2 42 D1 39 F2 3B 00 08 00 00
00 20 00 01 00 16 00 00 00 21 DF 93 46 3A 11 58
B2 FA 5F D3 18 23 31 E7 9C 1E 00 0A 00 00 00 26
*Sep 21 14:09:47.686: ...
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: FSM-Sn ev Established
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: FSM-Sn in established
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: FSM-Sn do Established
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: Session up
*Sep 21 14:09:47.686: L2TP 0001A:08016:00002A05: 172.16.163.48<->172.16.167.54
*Sep 21 14:09:47.686: L2X:Punting to L2TP control message queue
*Sep 21 14:09:47.687: [26]PPPoE 26: AAA get dynamic attrs
*Sep 21 14:09:47.687: L2TP tnl 08016:00008C1E: Drain unsentQ, cur/max resendQ sz 0/10, unsentQ 0
*Sep 21 14:09:47.687: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.687: L2TP tnl 08016:00008C1E: Rx ZLB ACK, flg TLS, ver 2, len 12
*Sep 21 14:09:47.687: L2TP tnl 08016:00008C1E: tnl 35870, ns 2, nr 4
*Sep 21 14:09:47.687: L2TP tnl 08016:00008C1E:
*Sep 21 14:09:47.687: contiguous pak, size 12
C8 02 00 0C 8C 1E 00 00 00 02 00 04
*Sep 21 14:09:47.690: ppp26 PPP: Phase is FORWARDED, Session Forwarded
*Sep 21 14:09:47.690: [26]PPPoE 26: State LCP_NEGOTIATION Event PPP FORWARDED
*Sep 21 14:09:47.690: [26]PPPoE 26: Connected Forwarded
ASR1006#
ASR1006#
ASR1006#
ASR1006#sh vpdn
L2TP Tunnel and Session Information Total tunnels 1 sessions 1
LocTunID RemTunID Remote Name State Remote Address Sessn L2TP Class/
Count VPDN Group
45050 64102 LNS est 172.16.167.54 1 LAC
LocID RemID TunID Username, Intf/ State Last Chg Uniq ID
Vcid, Circuit
44667 5 45050 Para..., Gi0/0/1.666 est 00:01:03 23
ASR1006#
ASR1006#sh vpdn tunnel all
L2TP Tunnel Information Total tunnels 1 sessions 1
Tunnel id 45050 is up, remote id is 64102, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 00:01:21
Tunnel transport is UDP (17)
Remote tunnel name is LNS
Internet Address 172.16.167.54, port 1701
Local tunnel name is LAC
Internet Address 172.16.163.48, port 1701
L2TP class for tunnel is LAC
Counters, taking last clear into account:
29 packets sent, 26 received
1298 bytes sent, 788 received
Last clearing of counters never
Counters, ignoring last clear:
29 packets sent, 26 received
1298 bytes sent, 788 received
Control Ns 4, Nr 2
Local RWS 1024 (default), Remote RWS 5000
In Use Remote RWS 10
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 2
Total resends 0, ZLB ACKs sent 1
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled
VPDN group for tunnel is LAC
Tunnel domain is CISCO-SERVICE
ASR1006#
ASR1006#
ASR1006#sh vpdn session all
L2TP Session Information Total tunnels 1 sessions 1
Session id 44667 is up, logical session id 32788, tunnel id 45050
Remote session id is 5, remote tunnel id 64102
Locally initiated session
Unique ID is 23
L2-L2 IDB switching enabled
Session username is ParamPreet@cisco.com
Interface Gi0/0/1.666
Call serial number is 3057500004
Remote tunnel name is LNS
Internet address is 172.16.167.54
Local tunnel name is LAC
Internet address is 172.16.163.48
IP protocol 17
Session is L2TP signaled
Session state is established, time since change 00:01:38
31 Packets sent, 28 received
1326 Bytes sent, 816 received
Last clearing of counters never
Counters, ignoring last clear:
31 Packets sent, 28 received
1326 Bytes sent, 816 received
Receive packets dropped:
out-of-order: 0
other: 0
total: 0
Send packets dropped:
exceeded session MTU: 0
other: 0
total: 0
DF bit off, ToS reflect disabled, ToS value 0, TTL value 0
Sending UDP checksums are disabled
Received UDP checksums are ignored
No session cookie information available
FS cached header information:
encap size = 36 bytes
4500001c 00000000 ff111949 ac10a330
ac10a736 06a506a5 00080000 0202fa66
00050000
Sequencing is off
Conditional debugging is disabled
SSM switch id is 4118, SSM segment id is 8220
ASR1006#
! PPPoE user disconnects the session
*Sep 21 14:10:54.272: PPPoE 26: I PADT R:001b.d4ee.63c1 L:0024.14ab.d701 666 Gi0/0/1.666
! PADT is received from the PPPoE client and session needs to be disconnected
contiguous pak, size 64
00 24 14 AB D7 01 00 1B D4 EE 63 C1 81 00 02 9A
88 63 11 A7 00 1A 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
*Sep 21 14:10:54.272: ppp26 PPP DISC: Lower Layer disconnected
*Sep 21 14:10:54.272: ppp26 PPP: Sending Acct Event[Down] id[2A]
*Sep 21 14:10:54.272: [26]PPPoE 26: Destroying R:001b.d4ee.63c1 L:0024.14ab.d701 666 Gi0/0/1.666
*Sep 21 14:10:54.272: [26]PPPoE 26: AAA get dynamic attrs
*Sep 21 14:10:54.272: [26]PPPoE 26: AAA account stopped
*Sep 21 14:10:54.273: ppp26 LCP: Event[DOWN] State[Open to Starting]
*Sep 21 14:10:54.273: ppp26 PPP: Clearing AAA Unique Id = 2A
*Sep 21 14:10:54.273: ppp26 PPP: Phase is DOWN
*Sep 21 14:10:54.274: L2TUN APP: uid:26/handle/4118Free switch hdl 4121
*Sep 21 14:10:54.274: L2TUN APP: uid:26/handle/4118shutdown app session
*Sep 21 14:10:54.276: L2TP 0001A:08016:00002A05: Shutting down session
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Result Code
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Call disconnected, refer to error msg (2)
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Error Code
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Vendor specific (6)
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Vendor Error
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: None (0)
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Optional Message
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: "user-request/Call Disconnect"
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05:
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: FSM-Sn ev App-Disc
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: FSM-Sn in established
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: FSM-Sn do App-Disc-Active
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05:
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Tx CDN to LNS 22064/2
! LAC will send CDN to LNS for Connection Disconnect
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: IETF v2:
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Result Code
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Call disconnected, refer to error msg(2)
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Error code
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Vendor specific(6)
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Optional msg
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: "
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: "user-request/Call Disconnect"
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Assigned Call ID 0x00002A05 (10757)
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: PPP Disconnect Cause Code (IETF) disconnected, code 3, direction local for CP 0x0
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: Cisco v2:
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05: PPP Disconnect Cause Code (Cisco) disconnected, code 3, direction local for CP 0x0
*Sep 21 14:10:54.277: L2TP 0001A:08016:00002A05:
*Sep 21 14:10:54.278: L2TP 0001A:08016:00002A05: O CDN 22064/2 ns/nr 4/2. cur/max resendQ sz 0/10
*Sep 21 14:10:54.278: L2TP 0001A:08016:00002A05: Tx CDN, flg TLS, ver 2, len 88
*Sep 21 14:10:54.278: L2TP 0001A:08016:00002A05: tnl 22064, lsid 10757, rsid 2, ns 4, nr 2
*Sep 21 14:10:54.278: contiguous pak, size 88
C8 02 00 58 56 30 00 02 00 04 00 02 80 08 00 00
00 00 00 0E 80 26 00 00 00 01 00 02 00 06 75 73
65 72 2D 72 65 71 75 65 73 74 2F 43 61 6C 6C 20
44 69 73 63 6F 6E 6E 65 63 74 80 08 00 00 00 0E
2A 05 00 0B 00 00 00 2E 00 03 00 00 02 00 0B 00
09 00 68 00 03 00 00 02
*Sep 21 14:10:54.278: L2X _____:________: class [VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:10:54.278: L2X _____:________: App unlocked 1->0
*Sep 21 14:10:54.278: L2TP:(Tnl35870:Sn10757)L2X s/w switching session unbound
*Sep 21 14:10:54.278: [26]PPPoE 26: Segement (SSS class): UNPROVISION
*Sep 21 14:10:54.279: L2X:Punting to L2TP control message queue
*Sep 21 14:10:54.279: L2TP 0001A:08016:00002A05: Session down
*Sep 21 14:10:54.279: L2TP 0001A:08016:00002A05: 172.16.163.48<->172.16.167.54
*Sep 21 14:10:54.279: L2TP 0001A:08016:00002A05: Destroying session
*Sep 21 14:10:54.279: L2TP 0001A:08016:00002A05: Dataplane deallocated, segment 0
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: FSM-CC ev Session-Disc
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: FSM-CC in established
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: FSM-CC do Session-Disc-Est
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: Session count now 0
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: VPDN Session count now 0
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: FSM-CC ev No-Users
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: FSM-CC established->Est-No-User
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: FSM-CC do No-Users
*Sep 21 14:10:54.279: L2TP tnl 08016:00008C1E: No more cc users, shutdown (likely) in 15 secs
*Sep 21 14:10:54.279: L2TP 0001A:_____:________: Session detached
*Sep 21 14:10:54.279: L2X 0001A:_____:________: Destroying logical session
*Sep 21 14:10:54.280: L2TP tnl 08016:00008C1E: Drain unsentQ, cur/max resendQ sz 0/10, unsentQ 0
*Sep 21 14:10:54.280: L2TP tnl 08016:00008C1E:
*Sep 21 14:10:54.280: L2TP tnl 08016:00008C1E: Rx ZLB ACK, flg TLS, ver 2, len 12
*Sep 21 14:10:54.280: L2TP tnl 08016:00008C1E: tnl 35870, ns 2, nr 5
ASR1006#
*Sep 21 14:10:54.280: L2TP tnl 08016:00008C1E:
*Sep 21 14:10:54.280: contiguous pak, size 12
C8 02 00 0C 8C 1E 00 00 00 02 00 05
*Sep 21 14:10:54.280: L2TP:(Tnl35870:Sn10757)L2X s/w switching session unprovisioned
*Sep 21 14:10:54.280: L2X:Session DB (Tnl/Sn: 35870/10757): Removed the switching session from the session DB
*Sep 21 14:10:54.499: ppp26 PPP: Free Context [34846A2C]
ASR1006#
*Sep 21 14:11:04.279: L2X:Punting to L2TP control message queue
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: StopCCN: skip authen, no nonce yet
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 9, len 8, flag 0x8000 (M)
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: L2TP: Parse IETF AVP 1, len 10, flag 0x8000 (M)
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: No missing AVPs in StopCCN
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E:
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: Rx StopCCN, flg TLS, ver 2, len 38
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: tnl 35870, ns 2, nr 5
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: IETF v2:
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: Result Code
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: General error - refer to error code(1)
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: Error code
*Sep 21 14:11:04.279: L2TP tnl 08016:00008C1E: No error(0)
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Assigned Tunnel I 0x00005630 (22064)
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E:
*Sep 21 14:11:04.280: contiguous pak, size 38
C8 02 00 26 8C 1E 00 00 00 02 00 05 80 08 00 00
00 00 00 04 80 08 00 00 00 09 56 30 80 0A 00 00
00 01 00 01 00 00
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Tx ZLB ACK to LNS tnl 22064
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E:
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Rx StopCCN from LNS tnl 22064
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC ev Rx-StopCCN
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC in Est-No-User
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC do Rx-StopCCN
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E:
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Shutting down tunnel
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Result Code
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: General error - refer to error code
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Error Code
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: No error
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Vendor Error
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: None
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: Optional Message
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: "No disconnect reason given"
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E:
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC ev Shut-Now
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC Est-No-User->Wt-STOPACK
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC do Shutnow
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC ev Shut-Comp
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC Wt-STOPACK->Dead
*Sep 21 14:11:04.280: L2TP tnl 08016:00008C1E: FSM-CC do Shutdown-Completed
*Sep 21 14:11:04.281: L2TP tnl 08016:00008C1E: Tunnel accounting send not possible - no id
*Sep 21 14:11:04.281: L2TP tnl 08016:00008C1E: Control channel down
*Sep 21 14:11:04.281: L2TP tnl 08016:00008C1E: 172.16.163.48<->172.16.167.54
*Sep 21 14:11:04.281: L2TP tnl 08016:00008C1E: Destroying tunnel
*Sep 21 14:11:04.281: L2X tnl 08016:________: Destroying logical tunnel
*Sep 21 14:11:04.281: L2X _____:________: class [VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:11:04.281: L2X _____:________: Protocol unlocked 1->0
ASR1006#
*Sep 21 14:11:04.281: L2X _____:________: class[VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:11:04.281: L2X _____:________: no more locks
*Sep 21 14:11:04.281: L2X _____:________: class [VPDN group LAC ip addr 172.16.167.54 client LAC]
*Sep 21 14:11:04.281: L2X _____:________: deleted
ASR1006#
ASR1006#
ASR1006#
Excellent article..
Which parameters in radius must be added ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: