PPP Mulilink problem
Need Help!
Got problem with ppp multilink. Set up it, but the interface show down, like that in both side:
Serial4:0 unassigned YES manual down down
Serial5:0 unassigned YES manual down down
check lthe phisical line, phisical line is ok.
here are configs of both sides
R1:
controller E1 0/0/0
framing NO-CRC4
clock source internal
channel-group 0 timeslots 1-31
controller E1 0/0/1
framing NO-CRC4
clock source internal
channel-group 0 timeslots 1-31
interface Multilink3
ip address 192.10.10.1 255.255.255.252
ppp multilink
ppp multilink interleave
ppp multilink group 3
interface Serial0/0/0:0
no ip address
encapsulation ppp
ppp multilink
ppp multilink group 3
interface Serial0/0/1:0
no ip address
encapsulation ppp
ppp multilink
ppp multilink group 3
R2:
controller E1 4
framing NO-CRC4
clock source line secondary 4
channel-group 0 timeslots 1-31
controller E1 5
framing NO-CRC4
clock source line secondary 5
channel-group 0 timeslots 1-31
interface Multilink3
ip address 172.28.235.37 255.255.255.252
shutdown
ppp multilink
ppp multilink interleave
ppp multilink group 3
interface Serial4:0
no ip address
encapsulation ppp
ppp multilink
ppp multilink group 3
interface Serial5:0
no ip address
encapsulation ppp
ppp multilink
ppp multilink group 3
What to do?
I would assume the multilink interface on R2 been shut down is the issue
interface Multilink3
ip address 172.28.235.37 255.255.255.252
shutdown <------------------- do a no shut on this interface
ppp multilink
ppp multilink interleave
ppp multilink group 3
Similar Messages
-
Hi
I am having a problem configuring ip rtp with interleaving on two 1721's prioritizing voice traffic between two ip voice devices over a 128k point to point link. This is my config...
interface Multilink1
ip address 192.168.24.2 255.255.255.0
no cdp enable
ppp multilink
ppp multilink fragment delay 20
ppp multilink interleave
ppp multilink group 1
ip rtp header-compression iphc-format
ip tcp header-compression iphc-format
ip rtp priority 8100 100 40
interface Serial0
bandwidth 128
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation ppp
ppp multilink
no cdp enable
Everytime I add the 'ppp multilink' to the serial, I get the virtual-access interface bouncing up and down with no traffic flowing.
any ideas?Cannnnnnnnt see much wrong, try adding "ppp multilink group 1" to int S0 config.
-
RV220W - VPN PPP & RDP problem
Hello!
This is my first post here, so welcome!
I have purchased RV220W router and implemented into the existing netowork. Everything seems to work fine except logging into rdp desktops of wxp's on the local network in the office.
I'm not using router's VPN capabilities. I have made a connection through one of the WXP's VPN locally in the office. I login with password as PPP connection. Everything works fine, but I can only connect through RDP to the machine that is making the connection by "VPN IP". I cannot login to any IP that is local in the office. I can not ping either.
We are using also Macs and the same problem is when connecting with ScreenSharing and pinging.
It is definitely something to be set on the router.
If you have any idea, I would apprecite your help!Hi again!
After reading similar post I found a "solution".
I have manually put actual RV220W IP as router ip (except of the ip of the XP that is making the vpn connection) on the computer I'm connected to VPN and now it's working fine.
Anyway, thanks for approving this thread.
Cheers,
Adam -
Hi guys my problem is about Radius.It can not assign ip to remote host.This host request ppp and it terminated by on our Cisco router(LAC-LNS).And Cisco router uses AAA for authentication and ip assignment.Authentication part is okey.The host can connect radius and passes username password phase.But when the ppp protocol pass next ipcp level, host request;confreq is above,
Primary DNS server IP address: 0.0.0.0
Secondary DNS server IP address: 0.0.0.0
Primary WINS server IP address: 0.0.0.0
Secondary WINS server IP address: 0.0.0.0
IP address: 0.0.0.0
But the Router returns reject;confrej
Primary DNS server IP address: 0.0.0.0
Secondary DNS server IP address: 0.0.0.0
Primary WINS server IP address: 0.0.0.0
Secondary WINS server IP address: 0.0.0.0
IP address: 0.0.0.0
After this negotiation ppp ipcp part is terminated and the host never get ip address.
My question, Although the ppp authentication seems okey, why the remote host does not get ip address.Shoul I focus radius config. or Router config. ?
Thanks.Hi Marco,
interface Virtual-Template1
ip unnumbered GigabitEthernet0/0.12
no ip mroute-cache
no peer default ip address
ppp authentication pap
ppp ipcp predictive
I will paste here also debug files.
Best regards -
HI guys:
i have config the Cisco 881GC-W with PCEX-3G-HSPA card
i have not create the 3G connect to internet
here is debug :
debug ppp chat
debug ppp negotiation
3G_Test#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
*Aug 19 08:43:01.659: CHAT3: Attempting async line dialer script
*Aug 19 08:43:01.659: CHAT3: Dialing using Modem script: gsm & System script: none
*Aug 19 08:43:01.659: CHAT3: process started
*Aug 19 08:43:01.659: CHAT3: Asserting DTR
*Aug 19 08:43:01.663: CHAT3: Chat script gsm started
*Aug 19 08:43:01.663: CHAT3: Sending string: ATDT#777
*Aug 19 08:43:01.663: CHAT3: Chat script gsm finished, status = Success.
*Aug 19 08:43:04.731: %LINK-3-UPDOWN: Interface Cellular0, changed state to up.
Success rate is 0 percent (0/5)
3G_Test#
*Aug 19 08:43:04.731: Ce0 PPP: Using dialer call direction
*Aug 19 08:43:04.731: Ce0 PPP: Treating connection as a callout
*Aug 19 08:43:04.731: Ce0 PPP: Session handle[27000040] Session id[22]
*Aug 19 08:43:04.731: Ce0 PPP: Phase is ESTABLISHING, Active Open
*Aug 19 08:43:04.731: Ce0 PPP: Authorization required
*Aug 19 08:43:04.731: Ce0 PPP: No remote authentication for call-out
*Aug 19 08:43:04.731: Ce0 LCP: O CONFREQ [Closed] id 211 len 20
*Aug 19 08:43:04.731: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:04.731: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:04.731: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:04.731: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:06.715: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:06.715: Ce0 LCP: O CONFREQ [REQsent] id 212 len 20
*Aug 19 08:43:06.715: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:06.715: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:06.715: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:06.715: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:08.731: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:08.731: Ce0 LCP: O CONFREQ [REQsent] id 213 len 20
*Aug 19 08:43:08.731: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:08.731: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:08.731: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:08.731: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:10.747: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:10.747: Ce0 LCP: O CONFREQ [REQsent] id 214 len 20
*Aug 19 08:43:10.747: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:10.747: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:10.747: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:10.747: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:12.763: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:12.763: Ce0 LCP: O CONFREQ [REQsent] id 215 len 20
*Aug 19 08:43:12.763: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:12.763: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:12.763: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:12.763: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:14.779: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:14.779: Ce0 LCP: O CONFREQ [REQsent] id 216 len 20
*Aug 19 08:43:14.779: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:14.779: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:14.779: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:14.779: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:16.795: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:16.795: Ce0 LCP: O CONFREQ [REQsent] id 217 len 20
*Aug 19 08:43:16.795: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:16.795: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:16.795: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:16.795: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:18.811: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:18.811: Ce0 LCP: O CONFREQ [REQsent] id 218 len 20
*Aug 19 08:43:18.811: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:18.811: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:18.811: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:18.811: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:20.827: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:20.827: Ce0 LCP: O CONFREQ [REQsent] id 219 len 20
*Aug 19 08:43:20.827: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:20.827: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:20.827: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:20.827: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:22.843: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:22.843: Ce0 LCP: O CONFREQ [REQsent] id 220 len 20
*Aug 19 08:43:22.843: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Aug 19 08:43:22.843: Ce0 LCP: MagicNumber 0x2710E450 (0x05062710E450)
*Aug 19 08:43:22.843: Ce0 LCP: PFC (0x0702)
*Aug 19 08:43:22.843: Ce0 LCP: ACFC (0x0802)
*Aug 19 08:43:24.859: Ce0 LCP: Timeout: State REQsent
*Aug 19 08:43:24.859: Ce0 PPP: Sending Acct Event[Down] id[1A]
*Aug 19 08:43:24.859: Ce0 LCP: State is Closed
*Aug 19 08:43:24.859: Ce0 PPP: Phase is DOWN
*Aug 19 08:43:24.859: Ce0 LCP: State is Listen
*Aug 19 08:43:26.859: %LINK-5-CHANGED: Interface Cellular0, changed state to reset
*Aug 19 08:43:26.859: Ce0 LCP: State is Closed
*Aug 19 08:43:31.931: %LINK-3-UPDOWN: Interface Cellular0, changed state to down
3G_Test#
3G_Test#
it may be a ppp link problem,because Chat script gsm finished, status = Success,but i dont't understand why cell 0 didn't UP
here is my config:
chat-script gsm "" "ATDT#777"
interface Cellular0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer in-band
dialer string gsm
dialer-group 1
async mode interactive
ppp chap hostname card
ppp chap password 0 card
ppp ipcp dns request
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Cellular0
ip http server
ip http secure-server
ip nat inside source list 1 interface Cellular0 overload
access-list 1 permit any
dialer-list 1 protocol ip list 1
control-plane
line con 0
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
line 3
script dialer gsm
no exec
line vty 0 4
login
anyone can help me ?thanks!Hi,
I have not an solution but rather a similar problem with that kind of hardware (881GW with PCEX-3G-HSPA). I have a working config for only *one* successful 3G dial-in: after losing the established 3G connection (e.g. forcing a "clear int dial 1"), the router can not re-establish the 3G connection until I reboot the device. It seems that the communication between IOS and the modem is some kind of damaged:
Config:
=====
chat-script GSM "" AT OK "ATDT*99*1#"
interface Cellular0
no ip address
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer pool-member 1
async mode interactive
no ppp lcp fast-start
interface Dialer1
ip address negotiated
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer string GSM
dialer-group 1
no ppp lcp fast-start
ppp chap refuse
ppp pap sent-username USER password TEST
ip route 0.0.0.0 0.0.0.0 Dialer1
dialer-list 1 protocol ip permit
line 3
exec-timeout 0 0
script dialer GSM
modem InOut
no exec
1st login - successful:
================
*Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best] least recent failure is also most recent failure
*Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best] trying untried dialout
*Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best] also has most recent failure
*Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best]
*Nov 10 16:28:40.955: Ce0 DDR: Dialing cause ip (s=10.98.3.10, d=17.72.255.12)
*Nov 10 16:28:40.955: Ce0 DDR: Attempting to dial GSM
*Nov 10 16:28:40.955: CHAT3: Attempting async line dialer script
*Nov 10 16:28:40.955: CHAT3: Dialing using Modem script: GSM & System script: none
*Nov 10 16:28:40.955: CHAT3: process started
*Nov 10 16:28:40.955: CHAT3: Asserting DTR
*Nov 10 16:28:40.959: CHAT3: Chat script GSM started
*Nov 10 16:28:40.959: CHAT3: Sending string: AT
*Nov 10 16:28:40.959: CHAT3: Expecting string: OK
*Nov 10 16:28:40.963: CHAT3: Completed match for expect: OK
*Nov 10 16:28:40.963: CHAT3: Sending string: ATDT*99*1#
*Nov 10 16:28:40.963: CHAT3: Chat script GSM finished, status = Success
*Nov 10 16:28:42.039: TTY3: no timer type 1 to destroy
*Nov 10 16:28:42.039: TTY3: no timer type 0 to destroy
*Nov 10 16:28:42.039: TTY3: no timer type 2 to destroy
*Nov 10 16:28:44.039: %LINK-3-UPDOWN: Interface Cellular0, changed state to up
*Nov 10 16:28:44.039: Ce0 DDR: Dialer statechange to up
*Nov 10 16:28:44.039: %DIALER-6-BIND: Interface Ce0 bound to profile Di1
*Nov 10 16:28:44.039: Ce0 DDR: Dialer call has been placed
*Nov 10 16:28:44.039: Ce0 PPP: Sending cstate UP notification
*Nov 10 16:28:44.039: Ce0 PPP: Processing CstateUp message
*Nov 10 16:28:44.067: PPP: Alloc Context [84DAA350]
*Nov 10 16:28:44.067: ppp1 PPP: Phase is ESTABLISHING
*Nov 10 16:28:44.067: ppp1 PPP: Using AAA Unique Id = D
*Nov 10 16:28:44.067: Ce0 PPP: Authorization required
*Nov 10 16:28:44.067: Ce0 PPP: Using dialer call direction
*Nov 10 16:28:44.067: Ce0 PPP: Treating connection as a callout
*Nov 10 16:28:44.067: Ce0 PPP: Session handle[FE000001] Session id[1]
*Nov 10 16:28:44.067: Ce0 LCP: Event[OPEN] State[Initial to Starting]
*Nov 10 16:28:44.071: Ce0 PPP: No remote authentication for call-out
*Nov 10 16:28:44.071: Ce0 LCP: O CONFREQ [Starting] id 1 len 20
*Nov 10 16:28:44.071: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Nov 10 16:28:44.071: Ce0 LCP: MagicNumber 0x4C781BD5 (0x05064C781BD5)
*Nov 10 16:28:44.071: Ce0 LCP: PFC (0x0702)
*Nov 10 16:28:44.071: Ce0 LCP: ACFC (0x0802)
*Nov 10 16:28:44.071: Ce0 LCP: Event[UP] State[Starting to REQsent]
*Nov 10 16:28:44.079: Ce0 LCP: I CONFACK [REQsent] id 1 len 20
*Nov 10 16:28:44.079: Ce0 LCP: ACCM 0x000A0000 (0x0206000A0000)
*Nov 10 16:28:44.079: Ce0 LCP: MagicNumber 0x4C781BD5 (0x05064C781BD5)
*Nov 10 16:28:44.079: Ce0 LCP: PFC (0x0702)
*Nov 10 16:28:44.079: Ce0 LCP: ACFC (0x0802)
*Nov 10 16:28:47.971: Ce0 IPCP: O CONFREQ [ACKsent] id 4 len 10
*Nov 10 16:28:47.971: Ce0 IPCP: Address 10.99.17.58 (0x03060A63113A)
*Nov 10 16:28:47.971: Ce0 IPCP: Event[Receive ConfNak/Rej] State[ACKsent to ACKsent]
*Nov 10 16:28:48.027: Ce0 IPCP: I CONFACK [ACKsent] id 4 len 10
*Nov 10 16:28:48.027: Ce0 IPCP: Address 10.99.17.58 (0x03060A63113A)
*Nov 10 16:28:48.027: Ce0 IPCP: Event[Receive ConfAck] State[ACKsent to Open]
*Nov 10 16:28:48.027: Ce0 IPCP: State is Open
*Nov 10 16:28:48.027: Di1 IPCP: Install negotiated IP interface address 10.99.17.58
*Nov 10 16:28:48.031: Ce0 DDR: dialer protocol up1#
--> Now I do a "clear int dial 1":
2nd and all further logins - failure:
========================
*Nov 10 17:37:53.467: Ce0 DDR: rotor dialout [best] least recent failure is also most recent failure
*Nov 10 17:37:53.467: Ce0 DDR: rotor dialout [best] also has most recent failure
*Nov 10 17:37:53.467: Ce0 DDR: rotor dialout [best]
*Nov 10 17:37:53.467: Ce0 DDR: Dialing cause ip (s=10.98.3.10, d=10.99.16.254)
*Nov 10 17:37:53.467: Ce0 DDR: Attempting to dial GSM
*Nov 10 17:37:53.467: CHAT3: Attempting async line dialer script
*Nov 10 17:37:53.467: CHAT3: Dialing using Modem script: GSM & System script: none
*Nov 10 17:37:53.471: CHAT3: process started
*Nov 10 17:37:53.471: CHAT3: Asserting DTR
*Nov 10 17:37:53.471: CHAT3: Chat script GSM started
*Nov 10 17:37:53.475: CHAT3: Sending string: AT
*Nov 10 17:37:53.475: CHAT3: Expecting string: OK
*Nov 10 17:37:58.475: CHAT3: Timeout expecting: OK
*Nov 10 17:37:58.475: CHAT3: Chat script GSM finished, status = Connection timed out; remote host not responding
*Nov 10 17:37:58.475: TTY3: Line reset by "Async dialer"
*Nov 10 17:37:58.475: Ce0 DDR: disconnecting call
*Nov 10 17:37:58.475: TTY3: dropping DTR
*Nov 10 17:37:59.475: TTY3: asserting DTR
*Nov 10 17:37:59.475: TTY3: Modem: (unknown)->READY
Maybe somone has some clue how this can happen?
Gerald -
Hi!
I've big problems connecting to my isp using pppd included in Solaris 10 x86. I have Ericsson HiS modem, IDSL technology, connected to /dev/cua0 max speed set to 115200 kbps, it doesn't require chat script. I'd like to notice that there are no problems connecting my ISP on Linux with the same options used. I think the problem is a buggy PAP authentication negotiation with peer (diffs between linux and solaris in pppd debug log). Is there problem with configuration or (buggy?) old 2.4.0b1 version of ppp?? Any suggestions appreciated.I need help especially from polish users, who experienced problems, or not, with HiS Ericsson iDSL modem (115,2 kbps) and Sun's ppp. Why can't I connect the same way as in for ex. FreeBSD or linux systems? Do I need a special configuration of serial port or modem? This is a fragment from typical pppd debug log:
serial speed set to 115200bps
Using interface sppp0
Connect: sppp0 <--> /dev/cua0
sent [LCP ConfReq id=0xe <asyncmap 0x0> <magic 0x7d40a344> <pcomp> <accomp>]
rcvd [LCP ConfReq id=ox1 <mru 1656> <asyncmap 0x0> <auth pap> <magic 0x6a789b2f> <linkdisc 256>]
LCP: rejecting unknown option 23 #this message repeats several times
LCP: Rcvd Code-Reject for unknown code 192 id 33
Authenticating to peer with PAP
sent [PAP AuthReq id=0x1 user="user" password=<hidden>]
rcvd [PAP AuthAck id=0x1 " "]
sent {IPCP ConfReq id=0x49 <addr 0.0.0.0> <compress VJ 0f 01>]
sent [CCP ConfReq id=0x2b <deflate 15> <deflate (old#) 15> <bsd v1 15>]
rcvd [proto=0xc02b] 01 08 00 0a 01 06 25 fe 28 0c
Unsupported protocol 0xc02b received #this message appears several times
... -
Nov 19 11:12:17 EET: ppp8272 PPP: Sent PAP LOGIN Request PPPOE problem
a session stays in LCP and the debug is :
Nov 19 11:43:20 EET: PPPoE 0: I PADI R:0015.0c44.e6c4 L:ffff.ffff.ffff 1470 Gi1/1/0.1470
Nov 19 11:43:20 EET: Service tag: NULL Tag
Nov 19 11:43:20 EET: PPPoE 0: O PADO, R:001b.53c3.1d24 L:0015.0c44.e6c4 1470 Gi1/1/0.1470
Nov 19 11:43:20 EET: Service tag: NULL Tag
Nov 19 11:43:20 EET: PPPoE 0: I PADR R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:20 EET: Service tag: NULL Tag
Nov 19 11:43:20 EET: PPPoE : encap string prepared
Nov 19 11:43:20 EET: [12789]PPPoE 59193: Access IE handle allocated
Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get retrieved attrs
Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get nas port details
Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA unique ID allocated
Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA method list set
Nov 19 11:43:20 EET: [12789]PPPoE 59193: Service request sent to SSS
Nov 19 11:43:20 EET: [12789]PPPoE 59193: Created, Service: None R:001b.53c3.1d24 L:0015.0c44.e6c4 1470 Gi1/1/0.1470
Nov 19 11:43:20 EET: [12789]PPPoE 59193: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
Nov 19 11:43:20 EET: [12789]PPPoE 59193: data path set to PPP
Nov 19 11:43:20 EET: [12789]PPPoE 59193: Segement (SSS class): PROVISION
Nov 19 11:43:20 EET: [12789]PPPoE 59193: State PROVISION_PPP Event SSM PROVISIONED
Nov 19 11:43:20 EET: [12789]PPPoE 59193: O PADS R:0015.0c44.e6c4 L:001b.53c3.1d24 Gi1/1/0.1470
Nov 19 11:43:21 EET: PPPoE 0: I PADR R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:21 EET: Service tag: NULL Tag
Nov 19 11:43:21 EET: [12789]PPPoE 59193: O PADS R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:22 EET: PPPoE 0: I PADR R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:22 EET: Service tag: NULL Tag
Nov 19 11:43:22 EET: [12789]PPPoE 59193: O PADS R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
Nov 19 11:43:25 EET: PPPoE 59133: I PADT R:0015.0c7f.3617 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:25 EET: [1564]PPPoE 59133: Destroying R:0015.0c7f.3617 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:25 EET: PPPoE: Returning Vaccess Virtual-Access1.5542
Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA account stopped
Nov 19 11:43:25 EET: [1564]PPPoE 59133: Segement (SSS class): UNPROVISION
Nov 19 11:43:26 EET: PPPoE 59133: I PADT R:0015.0c7f.3617 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: O PADT R:0015.0c44.e6c4 L:001b.53c3.1d24 Gi1/1/0.1470
Nov 19 11:43:29 EET: [12789]PPPoE 59193: Destroying R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA account stopped
Nov 19 11:43:29 EET: [12789]PPPoE 59193: Segement (SSS class): UNPROVISION
Nov 19 11:43:29 EET: PPPoE 59193: I PADT R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
sh pppoe session | in e6c4
9040 61583 0015.0c44.e6c4 Gi1/1/0.1470 1 N/A LCP
Does anyone understands why the session stays to LCP and it is terminated?I have already tried a debug ppp negotiation and a debug radius authentication, but i do not seem to get the user's username....And after all the ppp stops in LCP. I run a certain pppoe debug and i watched the user changing from PADI to PADO all the time. Is there a chance to have a problem in the dlsam?
-
Hello everyone !
I use pppd to establish a connection to the internet.
I open a /dev/ptmx and /dev/ptsX pair. I start pppd with STDIN and STDOUT set to the /dev/ptsX device.
The /dev/ptmx device is connected to a software that emulates an AT-command modem using a special USB modem.
The problem is:
* LCP, CHAP/PAP and IPCP packets work correctly.
* Incoming TCP/IP packets are sent to the kernel
(kdebug option of pppd shows that the TCP/IP packets arrive at the kernel)
* PPP does NOT send any outgoing TCP/IP packet
Q: Why does PPP not send any outgoing TCP/IP packets ?
I even tried the "notty" option of pppd.
Any ideas ?
Thanks.
MartinI found out that the first PPP connection (over the network device sppp0) works.
Following connections over sppp0 work, too while connections over sppp1 etc. do NOT work.
I think this is a routing problem; the "default route" is bound to sppp0 and cannot be changed to sppp1.
I'm not 100% sure and I do not know how to handle this.
Another problem is that a non-blocking read() from /dev/ptmx sometimes returns 0 instead of errno=EWOULDBLOCK. Unfortunately I use read()==0 as hang-up detection.
Any ideas ?
Thanks.
Martin. -
Hi,
After upgrading old C2500 analog dial-in router with ext. modem pool and with IOS v.11.2.17 to new C3845 router with int. NM-8AM-V2 and IOS v. 12.4.10 i have folloing problems:
1. ppp session does not starts automatically with
'autoselect ppp' command in configuration
2. ppp session starts only when both 'autoselect ppp' and 'autoselect during-login' are configured, but remote users need access both EXEC-mode and PPP-mode w/o 'autoselect during-login' command and Username prompt.
Any ideas?
Router C2500 with old v.11.2.17 IOS configuration:
modemcap entry zyxel:FD=&f*m1s0=1s7=120s10=250:SPD=s20=3:DTE=19200
interface Group-Async1
ip unnumbered Ethernet0
ip access-group 105 out
encapsulation ppp
async default routing
async mode interactive
ntp disable
peer default ip address pool ppp_DialIn
no cdp enable
ppp authentication chap
group-range 1 8
line 1 8
session-timeout 10
no exec-banner
autoselect ppp
login authentication via_tacacs
modem InOut
modem autoconfigure type zyxel
terminal-type download
no editing
transport input all
escape-character NONE
telnet transparent
stopbits 1
rxspeed 19200
txspeed 19200
flowcontrol hardwareRemoving "autoselect during-login" and adding "autoselect timeout 5". Doing this will allow AAA authentication not to be taken immediately after the connection is made.
-
Hi Guys,
i got a situation here and hope someone will be able to help me out. Recently i configured a PPP multilink and am facing some issues after that.
Issue 1:
There seems to be lot of input error on multilink interface (150 errors in 40 mins)
Issue 2:
when any of the multilink member interface goes down (all other links are active), am getting packrt drops and request timed out when i ping my other end multi link interface atleast for some 30 sec , after which my response is ok.
About my network
I have connectivity between site A and Site B which consists of five 64 kbps Leased lines bundled together with Multilink PPP
My configuration is shown below
End A
interface multilink 1
ip address x.x.x.x x.x.x.x
ppp multilink fragment-delay 20
ppp multilink interleave
ppp multilink
multilink-group 1
int Ser 2/0
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
int Ser 2/1
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
int Ser 2/2
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
int Ser 2/3
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
int Ser 2/4
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
End B
interface multilink 1
ip address ip address x.x.x.x x.x.x.x
ppp multilink fragment-delay 20
ppp multilink interleave
ppp multilink
multilink-group 1
interface S 2/0:1
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
interface S 2/0:11
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
interface S 2/0:25
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
interface S 2/0:4
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1
interface S 2/0:6
bandwidth 64
no ip address
no ip redirects
no ip proxy-arp
encapsulation ppp
no ip route-cache
no ip mroute-cache
no fair-queue
ppp multilink
multilink-group 1pls find the output of show command
END A #sh int multilink 5
Multilink5 is up, line protocol is up
Hardware is multilink group interface
Description: ***Multilink to End B ***
Internet address is 192.26.0.162/30
MTU 1500 bytes, BW 320 Kbit, DLY 100000 usec,
reliability 255/255, txload 2/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 2 seconds on reset
LCP Open, multilink Open
Open: IPCP, CDPCP
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters 19:55:13
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 3000 bits/sec, 4 packets/sec
309478 packets input, 58763590 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
1492 input errors, 0 CRC, 1492 frame, 0 overrun, 0 ignored, 0 abort
290606 packets output, 32728691 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
END A #sh ppp multilink
Multilink5, bundle name is End B
Bundle up for 22:06:31
493 lost fragments, 162050 reordered, 0 unassigned
999 discarded, 0 lost received, 3/255 load
0xAE5E6 received sequence, 0x69F6B sent sequence
Member links: 5 active, 0 inactive (max not set, min not set)
Se2/0, since 20:07:34, last rcvd seq 0AE5E1, 160 weight, 152 frag size
Se2/2, since 20:04:45, last rcvd seq 0AE5E2, 160 weight, 152 frag size
Se2/3, since 20:04:07, last rcvd seq 0AE5E3, 160 weight, 152 frag size
Se2/5, since 20:03:24, last rcvd seq 0AE5E4, 160 weight, 152 frag size
Se2/1, since 19:57:12, last rcvd seq 0AE5E5, 160 weight, 152 frag size
Am getting 1400 input errors in last 19 hours on multilink interface, also less than 100 input errors on member serial interfacs.Also am not loosing any link member. -
Hello,
please Urgent Help
I have ASR 1000 with asr1000rp2-adventerprisek Version, when I give PPP Multilink to the dialer interface it show following error :
FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image:
MLP bundle , link download to CPP failed
please urgent helpthis error comes with the command PPP multilink, it is a lot of letters and numbers and then this last line comes this message
FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image:
MLP bundle 181, link 178 download to CPP failed
the configuration still not installed but I configured just the following lines
interface Virtual-Template
ip unnumbered Loopback2
ip mtu 1440
ip load-sharing per-packet
ip tcp adjust-mss 1400
no logging event link-status
peer default ip address pool
ipv6 unnumbered Loopback2
ipv6 enable
no ipv6 nd suppress-ra
ppp authentication pap chap callin
ppp multilink
ppp multilink fragment delay 100
ppp multilink mrru local 1546
that were the lines used to configure this Dialer, the image must be asr1000rp2-adventerprisek and not Ipbase but I dont tried to use IPbase.
what do think ? -
Problems setting up PPP using GSM modem
I am trying to setup a PC with Solaris 10 installed to use a 3G USB modem to connect to the internet.
bash-3.00# cat /etc/release
Solaris 10 10/09 s10x_u8wos_08a X86
bash-3.00# uname -a
SunOS gateway 5.10 Generic_141445-09 i86pc i386 i86pc
I have the modem working in so far as I can tip to it and get a response back:-
bash-3.00# tip -460800 /dev/cua/0
connected
at
OK
ati
Manufacturer: huawei
Model: E17X
Revision: 11.311.05.02.67
IMEI: 358108024400748
GCAP: CGSM,+FCLASS,+DS
OK
~
[EOT]
when I run the following command: pppd debug call mtn
I get the following in the pppd log:-
Aug 7 19:44:00 gateway pppd[463]: [ID 860527 daemon.notice] pppd 2.4.0b1 (Sun Microsystems, Inc.) started by root, uid 0
Aug 7 19:44:00 gateway pppd[463]: [ID 702911 daemon.debug] serial speed set to 460800 bps
Aug 7 19:44:01 gateway pppd[463]: [ID 702911 daemon.debug] connect option: '/usr/bin/chat -Vv -f /etc/ppp/mtn-connect' started (pid 464)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] timeout set to 5 seconds
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nBUSY\r)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nERROR\r)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nNO ANSWER\r)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nNO CARRIER\r)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nNO DIALTONE\r)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nRINGING\r\n\r\nRINGING\r)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] report (CONNECT)
Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] expect (OK)
Aug 7 19:44:07 gateway chat[465]: [ID 702911 local2.info] alarm
Aug 7 19:44:07 gateway chat[465]: [ID 702911 local2.info] Failed
Aug 7 19:44:07 gateway pppd[463]: [ID 702911 daemon.error] Connect script failed
Aug 7 19:44:08 gateway pppd[463]: [ID 834084 daemon.info] Exit.
the peer file is as follows:-
bash-3.00# more /etc/ppp/peers/mtn
# MTN PPP initialisation/termination script
# Do not ask the remote to authenticate.
noauth
# Modem chat scripts
connect "/usr/bin/chat -Vv -f /etc/ppp/mtn-connect"
disconnect "/usr/bin/chat -Vv -f /etc/ppp/mtn-disconnect"
# Serial device to which the modem is connected.
/dev/cua/0
# Speed of the serial line.
460800
# Use this connection as the default route.
defaultroute
# ISP supplies us with a local IP address during IPCP negotiation
noipdefault
# Try to get the name server addresses from the ISP.
usepeerdns
# Username for authentication
user "username"
# Password for authentication
password "password"
# Always try to reconnect, when connection fails or is lost
# persist
# Never give up after failed connect attempts
# maxfail 0
# Debugging
debug
and the connect script is as follows:-
# MTN PPP CONNECT script
TIMEOUT 5
ECHO ON
ABORT '\nBUSY\r'
ABORT '\nERROR\r'
ABORT '\nNO ANSWER\r'
ABORT '\nNO CARRIER\r'
ABORT '\nNO DIALTONE\r'
ABORT '\nRINGING\r\n\r\nRINGING\r'
REPORT CONNECT
OK 'ATZ'
OK 'AT+cgdcont=1,"IP","apn1.mtn.net"'
OK 'AT+cgdcont=2,"IP","apn2.mtn.net"'
OK 'ATD*99***1#'
I am sure I have missed something really obvious but I can't see where.Don't use the setup CD. Connect manually via wired computer to 192.168.1.1 username blank, password 'admin'. Now configure the router manually like everyone else.
-
I haven't been able to connect to internet here in Plymouth, MA since 12/19? Called numerous time to support and they say it is outage problems in area. My DSL light is steady on modem but when trying to connect the Internet light goes steady red! Anyone else having this problem in South East MA area? Does it normally take over a week to correct?
Outages almost never last a week. Verizon can't afford to leave customers without service for that long. I would suggest contacting Tech Support again. If the agent tells you that it's just an outage, ask to speak to their supervisor.
If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
"All knowledge is worth having." -
installed the base system + kde + xfce + rp-pppoe, but now, if use the kde a strange error happend:
Nov 9 23:32:03 Geo-Front kernel: unregister_netdevice: waiting for ppp0 to become free. Usage count = 1
the log is big if yours want, a paste, but now, that message show, and kde don`t work, inly can "killall kdm", then "adsl-stop", and "kdm", and, if try login to kde with internet coneccion running, don`t start, only can login in xfce, and y try run a kprogram, dont work toothe full log:
http://www.foro.powers.cl/viewtopic.php … 46#1247046 -
Good morning,
I'm having the following problem. I configured a ASA 5505 with VPN and a VPN Remote Access Site-to-site. Everything is working, but when I reload the ASA does not work anymore VPNs, Remote Access error 412 and the Site-to-site does not connect more to solve, I have to reset and reconfigure the ASA. This is happening dopo updating the ASA, I have version 842-k8 and asdm645-106.
Does anyone have any idea what can be?
Thank you.
Running-config:
: Saved
: Written by master at 10:34:14.839 BRDT Mon Oct 10 2011
ASA Version 8.4(2)
hostname ciscoasa
domain-name default.domain.invalid
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 0
ip address 172.16.0.140 255.255.252.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group gvt
ip address pppoe setroute
boot system disk0:/asa842-k8.bin
ftp mode passive
clock timezone BRST -3
clock summer-time BRDT recurring 2 Sun Oct 0:00 3 Sun Feb 0:00
dns server-group DefaultDNS
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network NETWORK_OBJ_172.16.0.0_22
subnet 172.16.0.0 255.255.252.0
object network NETWORK_OBJ_172.16.0.128_26
subnet 172.16.0.128 255.255.255.192
object network NETWORK_OBJ_20.0.0.0_24
subnet 20.0.0.0 255.255.255.0
object network NETWORK_OBJ_172.16.11.0_24
subnet 172.16.11.0 255.255.255.0
object-group network obj_any
access-list 1 standard permit 172.16.0.0 255.255.252.0
access-list 1 standard permit 20.0.0.0 255.255.255.0
access-list outside_cryptomap extended permit ip 172.16.0.0 255.255.252.0 20.0.0.0 255.255.255.0
access-list outside_cryptomap_1 extended permit ip 172.16.0.0 255.255.252.0 172.16.11.0 255.255.255.0
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool pool 172.16.0.150-172.16.0.160 mask 255.255.252.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-645-106.bin
no asdm history enable
arp timeout 14400
nat (inside,outside) source static NETWORK_OBJ_172.16.0.0_22 NETWORK_OBJ_172.16.0.0_22 destination static NETWORK_OBJ_172.16.0.128_26 NETWORK_OBJ_172.16.0.128_26 no-proxy-arp route-lookup
nat (inside,outside) source static NETWORK_OBJ_172.16.0.0_22 NETWORK_OBJ_172.16.0.0_22 destination static NETWORK_OBJ_20.0.0.0_24 NETWORK_OBJ_20.0.0.0_24 no-proxy-arp route-lookup
nat (inside,outside) source static NETWORK_OBJ_172.16.0.0_22 NETWORK_OBJ_172.16.0.0_22 destination static NETWORK_OBJ_172.16.11.0_24 NETWORK_OBJ_172.16.11.0_24 no-proxy-arp route-lookup
nat (inside,outside) after-auto source dynamic any interface
route outside 172.16.11.0 255.255.255.0 187.16.33.131 10
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 172.16.0.0 255.255.252.0 inside
no snmp-server location
no snmp-server contact
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 match address outside_cryptomap
crypto map outside_map 1 set peer 189.11.56.237
crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 2 match address outside_cryptomap_1
crypto map outside_map 2 set peer 187.16.33.131
crypto map outside_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 2 set ikev2 ipsec-proposal DES 3DES AES AES192 AES256
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 ipsec-over-tcp port 10000
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
vpdn group gvt request dialout pppoe
vpdn group gvt localname *******@turbonetpro
vpdn group gvt ppp authentication pap
vpdn username *******@turbonetpro password *****
dhcpd auto_config outside
dhcpd address 172.16.0.144-172.16.1.143 inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy crv internal
group-policy crv attributes
dns-server value 172.16.0.253 8.8.8.8
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 1
default-domain value crvnatural.com.br
group-policy GroupPolicy_189.11.56.237 internal
group-policy GroupPolicy_189.11.56.237 attributes
vpn-filter value 1
vpn-tunnel-protocol ikev1 ikev2
group-policy GroupPolicy_187.16.33.131 internal
group-policy GroupPolicy_187.16.33.131 attributes
vpn-filter value 1
vpn-tunnel-protocol ikev1 ikev2
username master password kWH7f2vqtjMEg2Yp encrypted
tunnel-group crv type remote-access
tunnel-group crv general-attributes
default-group-policy crv
dhcp-server 172.16.0.253
tunnel-group crv ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 189.11.**.*** type ipsec-l2l
tunnel-group 189.11.**.*** general-attributes
default-group-policy GroupPolicy_189.11.**.***
tunnel-group 189.11.**.*** ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key ****
ikev2 local-authentication pre-shared-key *****
tunnel-group 187.16.33.*** type ipsec-l2l
tunnel-group 187.16.33.*** general-attributes
default-group-policy GroupPolicy_187.16.33.***
tunnel-group 187.16.33.*** ipsec-attributes
ikev1 pre-shared-key ******
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:50ed6f55182534a2429d065a26e9b45c
: endDavid,
In order to understand why LDAP is not working run a "debug ldap 255" and then try to login or run a AAA test.
Attach the output to find out the issue.
Please check this out as well, to make sure that you have the correct settings:
ASA 8.0: Configure LDAP Authentication for WebVPN Users
HTH.
Portu.
Maybe you are looking for
-
Dear MM consultants, We need to know which inventory report will give the stock matching to MB52 report??Including sale order stock We need to have sale order stock with value in inventory report?? Which report fulfill this pl reply Guru
-
Hi! Win 8.1 pro, domain workstation. How Block all access, except for a fews users/groups and domain controller information/date. Nuance: From domain AD is locked Workstation Firewall "Domain profile" edit. Possible? cenubit
-
Hi All Cud any one provide sample code how to upload accounts payable master data? thnx in advance, Pavani.
-
Hello, i have to put in as a source a tab delimited file - can nothing do about it, because our report generates it this way. So I have no idea, how to enter kind of \t into the file component delimiter tab. I can enter some 1 char things like ",", "
-
when i use the response.sendRedirect(url); the document gives an error and will not display. but when i copy the same url and paste it in a browser, the document opens just fine. what happens with response.sendRedirect to cause it to act this way? th