Jan 18 11:32:06 localhost l2tpd: handle_avps: handling avp's for tunnel 31
740, call 63497
Jan 18 11:32:06 localhost l2tpd: message_type_avp: message type 4 (Stop-Co
Jan 18 11:32:06 localhost l2tpd: assigned_tunnel_avp: using peer's tunnel
Jan 18 11:32:06 localhost l2tpd: result_code_avp: peer closing for reason
1 (General request to clear control connection), error = 0 (No Error)
tunnel-group DefaultRAGroup general-attributes
tunnel-group DefaultRAGroup ppp-attributes
no authentication pap
(P.S. What I am trying to build here is a baseline config from which to slowly test features one by one in a debugging evironment, so please no "you should do it some other way" posts -- I really do want no-xauth, PSK phase1 with LOCAL database authentication and transport/agressive mode L2TP, and yes I know that's lousy security-wise.)
Not quite -- the first link is pretty much the same as the one I've been working from and the log cuts off too soon. The second is PIX, and ASA debug output is only sometimes the same as what's on the PIX units (my understanding is the PIX units have better debug output.)
So I still don't know if the message about PPP missing aaa servers is just normal noise. I did try configuring a radius server (even though I don't have one) and the debug message is still there even after using the old-style vpdn command the manual for that error message recommends.
More info on this problem: I've traced the L2TP chat from the client side, and it goes like so:
client sends SCCRQ
asa sends SCCRP
client sends SCCCN
client sends ICRQ
asa sends a ZLB in response to the SCCCN
asa sends a CDN to tear down the L2TP session
client sends a StopCCN in response to the CDN
The L2TP chat seems normal as far as I can see, except for the fact that the ASA hangs up right after the tunnel is established.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :