Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
747
Views
0
Helpful
5
Replies

PIX PPPOE Question

bschear
Level 1
Level 1

‎11-09-2005 12:16 PM - edited ‎02-21-2020 12:31 AM

I am planning on setting up a PIX 501 for PPPOE and have run into a couple questions. I am looking at documentation at http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_configuration_example09186a00801055dd.shtml

The reason I wanted PPPOE setup is that the modem my DSL provider supplied won't pass through the traffic to setup VPN on the PIX device. The option they give is that you can setup the DSL Modem as a transparent bridge and then setup the router with PPPOE or PPPOA to authenticate instead of using the modem.

In looking at the link I provided there is a line, "PIX OS versions 6.2 and 6.3

do not support Layer 2 Tunneling Protocol (L2TP) and Point−to−Point Tunneling Protocol (PPTP) with

PPPoE." Does this mean I couldn't setup VPN if I setup PPPOE on the Pix 501? Also for PPPOE you need a group name. I have a username and password but not a group name that I see. Is that something the ISP would have or just something I make up?

0 Helpful
5 Replies 5

cgregg
Level 1
Level 1

‎11-09-2005 05:52 PM

I have a PIX 501 with a verizon provided Westel DSL modem. I am required to use PPPOE and use the PIX for remote VPN access. I have a dynamic IP addres so I use DYNDNS.com and a domain name for VPN connections.

You need a username and password. Here is an example of my confguration. I am running OS 6.3(5).

ip address outside pppoe setroute

vpdn group pppoex request dialout pppoe

vpdn group pppoex localname namexxx

vpdn group pppoex ppp authentication pap

vpdn username namexxx password *********

HTHs

Curt

0 Helpful

jackko
Level 7
Level 7

‎11-09-2005 06:35 PM

vpdn group pppoe_group request dialout pppoe

vpdn group pppoe_group localname company@static.bigpond

vpdn group pppoe_group ppp authentication chap

vpdn username company@static.bigpond password *********

the group name "pppoe_group" is only local significant, thus you can create whatever you prefer.

with pppoe running on the pix, i'm not sure about l2tp and pptp, but for sure ipsec does work.

0 Helpful

Jim Jones
Level 4
Level 4
In response to jackko

‎01-12-2006 05:37 PM

I've got a pretty much identical configuration (authentication is pap on mine) trying to connect to a Verizon DSL connection and I can't get the interface to come up. When you do a show vpdn session I get:

PPPoE Session Information (Total tunnels=1 sessions=0)

Remote MAC is 00:00:00:00:00:00

Session state is PADI_SENT

Time since event change 755 secs, interface outside

0 packets sent, 0 received, 0 bytes sent, 0 received

Any ideas on where I'm going wrong?

Thanks,

Jim

0 Helpful

jackko
Level 7
Level 7
In response to Jim Jones

‎01-14-2006 08:15 AM

just wondering if the outside interface is configured for pppoe as well.

e.g.

ip address outside pppoe setroute

0 Helpful

unitus
Level 1
Level 1

‎11-10-2005 06:54 AM

I had several sites using SBC DSL and terminated the PPPoE connections on the PIX (501). They also were able to use PPTP on the PIX as well without issue...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card