Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

l2tpv3 xconnect problem

Hello everybody,

I've connected two Sites by xconnect through internet with ASAs IPVPN

We have equal configuration on both sides like this:

SiteA:

---------------------

Switch Cat4500:

---------------------

interface GigabitEthernet2/2/45

description Router c1921 - G0/1 Xconnect

switchport access vlan 122

switchport mode access

interface GigabitEthernet2/2/42

description Router C1921 - G0/0 for xconnect

switchport access vlan 200

switchport mode access

spanning-tree portfast

spanning-tree bpduguard enable

---------------------

Router cisco 1921 IOS 153-2.T1

----------------------

l2tp-class L2TP-CLASS1

hidden

authentication

hello 30

password 7 XXXXX

pseudowire-class PW-CLASS1

encapsulation l2tpv3

interworking ethernet

protocol l2tpv3 L2TP-CLASS1

ip local interface Loopback0

ip tos reflect

interface Loopback0

ip address 10.1.1.1 255.255.255.255

interface GigabitEthernet0/0

ip address 10.2.2.2 255.255.255.0

duplex auto

speed auto

interface GigabitEthernet0/1

no ip address

ip flow ingress

load-interval 30

duplex auto

speed auto

xconnect 10.3.3.3 200 encapsulation l2tpv3 pw-class PW-CLASS1

--------------------------------

ASA

---------------------

crypto map SITEB 1 match address l2l_crypto_SITEB

crypto map SITEB 1 set peer 82.B.B.B

crypto map SITEB 1 set ikev1 transform-set FirstSet

crypto map SITEB 1 set security-association lifetime seconds 3600

crypto map SITEB 1 set security-association lifetime kilobytes 2147483647

access-list l2l_crypto_SITEB line 1 extended permit 115 host 10.1.1.1 host 10.3.3.3 (hitcnt=86) 0x2c2db912

access-list l2l_crypto_SITEB line 2 extended permit ip host 10.1.1.1 host 10.3.3.3 (hitcnt=388017) 0x3ab2a57e

------------------------------

Ping and some connectons are working fine. But there are some problem like MTU Black Hole. Some sitest don't load properly and been displayed usualy on a half. but some time it's worknig well.

I haven't found commnads  "ip pmtu" and "ip df bit set" on IOS 15.3. And can't find any documentation about changes in this commands..

How can I reduce MTU or may be some other chages?

WBR,

Alexander.

Everyone's tags (3)
1 REPLY
New Member

Re: l2tpv3 xconnect problem

Also sometimes (usually in the morning and at the end of workday) we had this messages when there was ios153-2.T:

000916: Sep 12 18:09:06.837 KZT: %LINK-4-TOOBIG: Interface Gi0/0, Output packet size of 32220276 bytes too big

-Traceback= 5A17530z 400FCA4z 400FF80z 400D330z 82605A4z 824CF4Cz 45B003Cz 4E36CB4z 4E36E6Cz 4E3D1DCz 414A40Cz 4162248z 414B29Cz 414B4D8z 414B5B8z 414B7ECz

PS: Today, I've installed 153-2.T1.

643
Views
0
Helpful
1
Replies
CreatePlease login to create content