PPP Mulilink problem

Similar Messages

• Ppp multilink problem

  Hi
  I am having a problem configuring ip rtp with interleaving on two 1721's prioritizing voice traffic between two ip voice devices over a 128k point to point link. This is my config...
  interface Multilink1
  ip address 192.168.24.2 255.255.255.0
  no cdp enable
  ppp multilink
  ppp multilink fragment delay 20
  ppp multilink interleave
  ppp multilink group 1
  ip rtp header-compression iphc-format
  ip tcp header-compression iphc-format
  ip rtp priority 8100 100 40
  interface Serial0
  bandwidth 128
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  encapsulation ppp
  ppp multilink
  no cdp enable
  Everytime I add the 'ppp multilink' to the serial, I get the virtual-access interface bouncing up and down with no traffic flowing.
  any ideas?

  Cannnnnnnnt see much wrong, try adding "ppp multilink group 1" to int S0 config.

• RV220W - VPN PPP & RDP problem

  Hello!
  This is my first post here, so welcome!
  I have purchased RV220W router and implemented into the existing netowork. Everything seems to work fine except logging into rdp desktops of wxp's on the local network in the office.
  I'm not using router's VPN capabilities. I have made a connection through one of the WXP's VPN locally in the office. I login with password as PPP connection. Everything works fine, but I can only connect through RDP to the machine that is making the connection by "VPN IP". I cannot login to any IP that is local in the office. I can not ping either.
  We are using also Macs and the same problem is when connecting with ScreenSharing and pinging.
  It is definitely something to be set on the router.
  If you have any idea, I would apprecite your help!

  Hi again!
  After reading similar post I found a "solution".
  I have manually put actual RV220W IP as router ip (except of the ip of the XP that is making the vpn connection) on the computer I'm connected to VPN and now it's working fine.
  Anyway, thanks for approving this thread.
  Cheers,
  Adam

• Ppp radius problem

  Hi guys my problem is about Radius.It can not assign ip to remote host.This host request ppp and it terminated by on our Cisco router(LAC-LNS).And Cisco router uses AAA for authentication and ip assignment.Authentication part is okey.The host can connect radius and passes username password phase.But when the ppp protocol pass next ipcp level, host request;confreq is above,
  Primary DNS server IP address: 0.0.0.0
  Secondary DNS server IP address: 0.0.0.0
  Primary WINS server IP address: 0.0.0.0
  Secondary WINS server IP address: 0.0.0.0
  IP address: 0.0.0.0
  But the Router returns reject;confrej
  Primary DNS server IP address: 0.0.0.0
  Secondary DNS server IP address: 0.0.0.0
  Primary WINS server IP address: 0.0.0.0
  Secondary WINS server IP address: 0.0.0.0
  IP address: 0.0.0.0
  After this negotiation ppp ipcp part is terminated and the host never get ip address.
  My question, Although the ppp authentication seems okey, why the remote host does not get ip address.Shoul I focus radius config. or Router config. ?
  Thanks.

  Hi Marco,
  interface Virtual-Template1
  ip unnumbered GigabitEthernet0/0.12
  no ip mroute-cache
  no peer default ip address
  ppp authentication pap
  ppp ipcp predictive
  I will paste here also debug files.
  Best regards

• 3G config problem

  HI guys:
  i have config the Cisco 881GC-W with PCEX-3G-HSPA card
  i have not create the 3G connect to internet
  here is debug :
  debug ppp chat
  debug ppp negotiation
  3G_Test#ping 1.1.1.1
  Type escape sequence to abort.
  Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
  *Aug 19 08:43:01.659: CHAT3: Attempting async line dialer script
  *Aug 19 08:43:01.659: CHAT3: Dialing using Modem script: gsm & System script: none
  *Aug 19 08:43:01.659: CHAT3: process started
  *Aug 19 08:43:01.659: CHAT3: Asserting DTR
  *Aug 19 08:43:01.663: CHAT3: Chat script gsm started
  *Aug 19 08:43:01.663: CHAT3: Sending string: ATDT#777
  *Aug 19 08:43:01.663: CHAT3: Chat script gsm finished, status = Success.
  *Aug 19 08:43:04.731: %LINK-3-UPDOWN: Interface Cellular0, changed state to up.
  Success rate is 0 percent (0/5)
  3G_Test#
  *Aug 19 08:43:04.731: Ce0 PPP: Using dialer call direction
  *Aug 19 08:43:04.731: Ce0 PPP: Treating connection as a callout
  *Aug 19 08:43:04.731: Ce0 PPP: Session handle[27000040] Session id[22]
  *Aug 19 08:43:04.731: Ce0 PPP: Phase is ESTABLISHING, Active Open
  *Aug 19 08:43:04.731: Ce0 PPP: Authorization required
  *Aug 19 08:43:04.731: Ce0 PPP: No remote authentication for call-out
  *Aug 19 08:43:04.731: Ce0 LCP: O CONFREQ [Closed] id 211 len 20
  *Aug 19 08:43:04.731: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:04.731: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:04.731: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:04.731: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:06.715: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:06.715: Ce0 LCP: O CONFREQ [REQsent] id 212 len 20
  *Aug 19 08:43:06.715: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:06.715: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:06.715: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:06.715: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:08.731: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:08.731: Ce0 LCP: O CONFREQ [REQsent] id 213 len 20
  *Aug 19 08:43:08.731: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:08.731: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:08.731: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:08.731: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:10.747: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:10.747: Ce0 LCP: O CONFREQ [REQsent] id 214 len 20
  *Aug 19 08:43:10.747: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:10.747: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:10.747: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:10.747: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:12.763: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:12.763: Ce0 LCP: O CONFREQ [REQsent] id 215 len 20
  *Aug 19 08:43:12.763: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:12.763: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:12.763: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:12.763: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:14.779: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:14.779: Ce0 LCP: O CONFREQ [REQsent] id 216 len 20
  *Aug 19 08:43:14.779: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:14.779: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:14.779: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:14.779: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:16.795: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:16.795: Ce0 LCP: O CONFREQ [REQsent] id 217 len 20
  *Aug 19 08:43:16.795: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:16.795: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:16.795: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:16.795: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:18.811: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:18.811: Ce0 LCP: O CONFREQ [REQsent] id 218 len 20
  *Aug 19 08:43:18.811: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:18.811: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:18.811: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:18.811: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:20.827: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:20.827: Ce0 LCP: O CONFREQ [REQsent] id 219 len 20
  *Aug 19 08:43:20.827: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:20.827: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:20.827: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:20.827: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:22.843: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:22.843: Ce0 LCP: O CONFREQ [REQsent] id 220 len 20
  *Aug 19 08:43:22.843: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Aug 19 08:43:22.843: Ce0 LCP:    MagicNumber 0x2710E450 (0x05062710E450)
  *Aug 19 08:43:22.843: Ce0 LCP:    PFC (0x0702)
  *Aug 19 08:43:22.843: Ce0 LCP:    ACFC (0x0802)
  *Aug 19 08:43:24.859: Ce0 LCP: Timeout: State REQsent
  *Aug 19 08:43:24.859: Ce0 PPP: Sending Acct Event[Down] id[1A]
  *Aug 19 08:43:24.859: Ce0 LCP: State is Closed
  *Aug 19 08:43:24.859: Ce0 PPP: Phase is DOWN
  *Aug 19 08:43:24.859: Ce0 LCP: State is Listen
  *Aug 19 08:43:26.859: %LINK-5-CHANGED: Interface Cellular0, changed state to reset
  *Aug 19 08:43:26.859: Ce0 LCP: State is Closed
  *Aug 19 08:43:31.931: %LINK-3-UPDOWN: Interface Cellular0, changed state to down
  3G_Test#
  3G_Test#
  it may be a ppp link problem,because Chat script gsm finished, status = Success,but i dont't understand why cell 0 didn't UP
  here is my config:
  chat-script gsm "" "ATDT#777"
  interface Cellular0
  ip address negotiated
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer in-band
  dialer string gsm
  dialer-group 1
  async mode interactive
  ppp chap hostname card
  ppp chap password 0 card
  ppp ipcp dns request
  interface Vlan1
  ip address 192.168.1.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 Cellular0
  ip http server
  ip http secure-server
  ip nat inside source list 1 interface Cellular0 overload
  access-list 1 permit any
  dialer-list 1 protocol ip list 1
  control-plane
  line con 0
  no modem enable
  line aux 0
  line 2
  no activation-character
  no exec
  transport preferred none
  transport input all
  line 3
  script dialer gsm
  no exec
  line vty 0 4
  login
  anyone can help me ?thanks!

  Hi,
  I have not an solution but rather a similar problem with that kind of hardware (881GW with PCEX-3G-HSPA). I have a working config for only *one* successful 3G dial-in: after losing the established 3G connection (e.g. forcing a "clear int dial 1"), the router can not re-establish the 3G connection until I reboot the device. It seems that the communication between IOS and the modem is some kind of damaged:
  Config:
  =====
  chat-script GSM "" AT OK "ATDT*99*1#"
  interface Cellular0
  no ip address
  ip virtual-reassembly in
  encapsulation ppp
  dialer in-band
  dialer pool-member 1
  async mode interactive
  no ppp lcp fast-start
  interface Dialer1
  ip address negotiated
  encapsulation ppp
  dialer pool 1
  dialer idle-timeout 0
  dialer string GSM
  dialer-group 1
  no ppp lcp fast-start
  ppp chap refuse
  ppp pap sent-username USER password TEST
  ip route 0.0.0.0 0.0.0.0 Dialer1
  dialer-list 1 protocol ip permit
  line 3
  exec-timeout 0 0
  script dialer GSM
  modem InOut
  no exec
  1st login - successful:
  ================
  *Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best] least recent failure is also most recent failure
  *Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best] trying untried dialout
  *Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best] also has most recent failure
  *Nov 10 16:28:40.955: Ce0 DDR: rotor dialout [best]
  *Nov 10 16:28:40.955: Ce0 DDR: Dialing cause ip (s=10.98.3.10, d=17.72.255.12)
  *Nov 10 16:28:40.955: Ce0 DDR: Attempting to dial GSM
  *Nov 10 16:28:40.955: CHAT3: Attempting async line dialer script
  *Nov 10 16:28:40.955: CHAT3: Dialing using Modem script: GSM & System script: none
  *Nov 10 16:28:40.955: CHAT3: process started
  *Nov 10 16:28:40.955: CHAT3: Asserting DTR
  *Nov 10 16:28:40.959: CHAT3: Chat script GSM started
  *Nov 10 16:28:40.959: CHAT3: Sending string: AT
  *Nov 10 16:28:40.959: CHAT3: Expecting string: OK
  *Nov 10 16:28:40.963: CHAT3: Completed match for expect: OK
  *Nov 10 16:28:40.963: CHAT3: Sending string: ATDT*99*1#
  *Nov 10 16:28:40.963: CHAT3: Chat script GSM finished, status = Success
  *Nov 10 16:28:42.039: TTY3: no timer type 1 to destroy
  *Nov 10 16:28:42.039: TTY3: no timer type 0 to destroy
  *Nov 10 16:28:42.039: TTY3: no timer type 2 to destroy
  *Nov 10 16:28:44.039: %LINK-3-UPDOWN: Interface Cellular0, changed state to up
  *Nov 10 16:28:44.039: Ce0 DDR: Dialer statechange to up
  *Nov 10 16:28:44.039: %DIALER-6-BIND: Interface Ce0 bound to profile Di1
  *Nov 10 16:28:44.039: Ce0 DDR: Dialer call has been placed
  *Nov 10 16:28:44.039: Ce0 PPP: Sending cstate UP notification
  *Nov 10 16:28:44.039: Ce0 PPP: Processing CstateUp message
  *Nov 10 16:28:44.067: PPP: Alloc Context [84DAA350]
  *Nov 10 16:28:44.067: ppp1 PPP: Phase is ESTABLISHING
  *Nov 10 16:28:44.067: ppp1 PPP: Using AAA Unique Id = D
  *Nov 10 16:28:44.067: Ce0 PPP: Authorization required
  *Nov 10 16:28:44.067: Ce0 PPP: Using dialer call direction
  *Nov 10 16:28:44.067: Ce0 PPP: Treating connection as a callout
  *Nov 10 16:28:44.067: Ce0 PPP: Session handle[FE000001] Session id[1]
  *Nov 10 16:28:44.067: Ce0 LCP: Event[OPEN] State[Initial to Starting]
  *Nov 10 16:28:44.071: Ce0 PPP: No remote authentication for call-out
  *Nov 10 16:28:44.071: Ce0 LCP: O CONFREQ [Starting] id 1 len 20
  *Nov 10 16:28:44.071: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Nov 10 16:28:44.071: Ce0 LCP:    MagicNumber 0x4C781BD5 (0x05064C781BD5)
  *Nov 10 16:28:44.071: Ce0 LCP:    PFC (0x0702)
  *Nov 10 16:28:44.071: Ce0 LCP:    ACFC (0x0802)
  *Nov 10 16:28:44.071: Ce0 LCP: Event[UP] State[Starting to REQsent]
  *Nov 10 16:28:44.079: Ce0 LCP: I CONFACK [REQsent] id 1 len 20
  *Nov 10 16:28:44.079: Ce0 LCP:    ACCM 0x000A0000 (0x0206000A0000)
  *Nov 10 16:28:44.079: Ce0 LCP:    MagicNumber 0x4C781BD5 (0x05064C781BD5)
  *Nov 10 16:28:44.079: Ce0 LCP:    PFC (0x0702)
  *Nov 10 16:28:44.079: Ce0 LCP:    ACFC (0x0802)
  *Nov 10 16:28:47.971: Ce0 IPCP: O CONFREQ [ACKsent] id 4 len 10
  *Nov 10 16:28:47.971: Ce0 IPCP:    Address 10.99.17.58 (0x03060A63113A)
  *Nov 10 16:28:47.971: Ce0 IPCP: Event[Receive ConfNak/Rej] State[ACKsent to ACKsent]
  *Nov 10 16:28:48.027: Ce0 IPCP: I CONFACK [ACKsent] id 4 len 10
  *Nov 10 16:28:48.027: Ce0 IPCP:    Address 10.99.17.58 (0x03060A63113A)
  *Nov 10 16:28:48.027: Ce0 IPCP: Event[Receive ConfAck] State[ACKsent to Open]
  *Nov 10 16:28:48.027: Ce0 IPCP: State is Open
  *Nov 10 16:28:48.027: Di1 IPCP: Install negotiated IP interface address 10.99.17.58
  *Nov 10 16:28:48.031: Ce0 DDR: dialer protocol up1#
  --> Now I do a "clear int dial 1":
  2nd and all further logins - failure:
  ========================
  *Nov 10 17:37:53.467: Ce0 DDR: rotor dialout [best] least recent failure is also most recent failure
  *Nov 10 17:37:53.467: Ce0 DDR: rotor dialout [best] also has most recent failure
  *Nov 10 17:37:53.467: Ce0 DDR: rotor dialout [best]
  *Nov 10 17:37:53.467: Ce0 DDR: Dialing cause ip (s=10.98.3.10, d=10.99.16.254)
  *Nov 10 17:37:53.467: Ce0 DDR: Attempting to dial GSM
  *Nov 10 17:37:53.467: CHAT3: Attempting async line dialer script
  *Nov 10 17:37:53.467: CHAT3: Dialing using Modem script: GSM & System script: none
  *Nov 10 17:37:53.471: CHAT3: process started
  *Nov 10 17:37:53.471: CHAT3: Asserting DTR
  *Nov 10 17:37:53.471: CHAT3: Chat script GSM started
  *Nov 10 17:37:53.475: CHAT3: Sending string: AT
  *Nov 10 17:37:53.475: CHAT3: Expecting string: OK
  *Nov 10 17:37:58.475: CHAT3: Timeout expecting: OK
  *Nov 10 17:37:58.475: CHAT3: Chat script GSM finished, status = Connection timed out; remote host not responding
  *Nov 10 17:37:58.475: TTY3: Line reset by "Async dialer"
  *Nov 10 17:37:58.475: Ce0 DDR: disconnecting call
  *Nov 10 17:37:58.475: TTY3: dropping DTR
  *Nov 10 17:37:59.475: TTY3: asserting DTR
  *Nov 10 17:37:59.475: TTY3: Modem: (unknown)->READY
  Maybe somone has some clue how this can happen?
  Gerald

• Solaris 10 ppp problems

  Hi!
  I've big problems connecting to my isp using pppd included in Solaris 10 x86. I have Ericsson HiS modem, IDSL technology, connected to /dev/cua0 max speed set to 115200 kbps, it doesn't require chat script. I'd like to notice that there are no problems connecting my ISP on Linux with the same options used. I think the problem is a buggy PAP authentication negotiation with peer (diffs between linux and solaris in pppd debug log). Is there problem with configuration or (buggy?) old 2.4.0b1 version of ppp?? Any suggestions appreciated.

  I need help especially from polish users, who experienced problems, or not, with HiS Ericsson iDSL modem (115,2 kbps) and Sun's ppp. Why can't I connect the same way as in for ex. FreeBSD or linux systems? Do I need a special configuration of serial port or modem? This is a fragment from typical pppd debug log:
  serial speed set to 115200bps
  Using interface sppp0
  Connect: sppp0 <--> /dev/cua0
  sent [LCP ConfReq id=0xe <asyncmap 0x0> <magic 0x7d40a344> <pcomp> <accomp>]
  rcvd [LCP ConfReq id=ox1 <mru 1656> <asyncmap 0x0> <auth pap> <magic 0x6a789b2f> <linkdisc 256>]
  LCP: rejecting unknown option 23 #this message repeats several times
  LCP: Rcvd Code-Reject for unknown code 192 id 33
  Authenticating to peer with PAP
  sent [PAP AuthReq id=0x1 user="user" password=<hidden>]
  rcvd  [PAP AuthAck id=0x1 " "]
  sent {IPCP ConfReq id=0x49 <addr 0.0.0.0> <compress VJ 0f 01>]
  sent [CCP ConfReq id=0x2b <deflate 15> <deflate (old#) 15> <bsd v1 15>]
  rcvd [proto=0xc02b] 01 08 00 0a 01 06 25 fe 28 0c
  Unsupported protocol 0xc02b received #this message appears several times
  ...

• Nov 19 11:12:17 EET: ppp8272 PPP: Sent PAP LOGIN Request PPPOE problem

  a session stays in LCP and the debug is :
  Nov 19 11:43:20 EET: PPPoE 0: I PADI R:0015.0c44.e6c4 L:ffff.ffff.ffff 1470 Gi1/1/0.1470
  Nov 19 11:43:20 EET: Service tag: NULL Tag
  Nov 19 11:43:20 EET: PPPoE 0: O PADO, R:001b.53c3.1d24 L:0015.0c44.e6c4 1470 Gi1/1/0.1470
  Nov 19 11:43:20 EET: Service tag: NULL Tag
  Nov 19 11:43:20 EET: PPPoE 0: I PADR R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:20 EET: Service tag: NULL Tag
  Nov 19 11:43:20 EET: PPPoE : encap string prepared
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: Access IE handle allocated
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get retrieved attrs
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get nas port details
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA unique ID allocated
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: AAA method list set
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: Service request sent to SSS
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: Created, Service: None R:001b.53c3.1d24 L:0015.0c44.e6c4 1470 Gi1/1/0.1470
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: data path set to PPP
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: Segement (SSS class): PROVISION
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: State PROVISION_PPP Event SSM PROVISIONED
  Nov 19 11:43:20 EET: [12789]PPPoE 59193: O PADS R:0015.0c44.e6c4 L:001b.53c3.1d24 Gi1/1/0.1470
  Nov 19 11:43:21 EET: PPPoE 0: I PADR R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:21 EET: Service tag: NULL Tag
  Nov 19 11:43:21 EET: [12789]PPPoE 59193: O PADS R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:22 EET: PPPoE 0: I PADR R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:22 EET: Service tag: NULL Tag
  Nov 19 11:43:22 EET: [12789]PPPoE 59193: O PADS R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
  Nov 19 11:43:25 EET: PPPoE 59133: I PADT R:0015.0c7f.3617 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: Destroying R:0015.0c7f.3617 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:25 EET: PPPoE: Returning Vaccess Virtual-Access1.5542
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA get dynamic attrs
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: AAA account stopped
  Nov 19 11:43:25 EET: [1564]PPPoE 59133: Segement (SSS class): UNPROVISION
  Nov 19 11:43:26 EET: PPPoE 59133: I PADT R:0015.0c7f.3617 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: O PADT R:0015.0c44.e6c4 L:001b.53c3.1d24 Gi1/1/0.1470
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: Destroying R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA get dynamic attrs
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: AAA account stopped
  Nov 19 11:43:29 EET: [12789]PPPoE 59193: Segement (SSS class): UNPROVISION
  Nov 19 11:43:29 EET: PPPoE 59193: I PADT R:0015.0c44.e6c4 L:001b.53c3.1d24 1470 Gi1/1/0.1470
  sh pppoe session | in e6c4
  9040 61583 0015.0c44.e6c4 Gi1/1/0.1470 1 N/A LCP
  Does anyone understands why the session stays to LCP and it is terminated?

  I have already tried a debug ppp negotiation and a debug radius authentication, but i do not seem to get the user's username....And after all the ppp stops in LCP. I run a certain pppoe debug and i watched the user changing from PADI to PADO all the time. Is there a chance to have a problem in the dlsam?

• PPP problems

  Hello everyone !
  I use pppd to establish a connection to the internet.
  I open a /dev/ptmx and /dev/ptsX pair. I start pppd with STDIN and STDOUT set to the /dev/ptsX device.
  The /dev/ptmx device is connected to a software that emulates an AT-command modem using a special USB modem.
  The problem is:
  * LCP, CHAP/PAP and IPCP packets work correctly.
  * Incoming TCP/IP packets are sent to the kernel
  (kdebug option of pppd shows that the TCP/IP packets arrive at the kernel)
  * PPP does NOT send any outgoing TCP/IP packet
  Q: Why does PPP not send any outgoing TCP/IP packets ?
  I even tried the "notty" option of pppd.
  Any ideas ?
  Thanks.
  Martin

  I found out that the first PPP connection (over the network device sppp0) works.
  Following connections over sppp0 work, too while connections over sppp1 etc. do NOT work.
  I think this is a routing problem; the "default route" is bound to sppp0 and cannot be changed to sppp1.
  I'm not 100% sure and I do not know how to handle this.
  Another problem is that a non-blocking read() from /dev/ptmx sometimes returns 0 instead of errno=EWOULDBLOCK. Unfortunately I use read()==0 as hang-up detection.
  Any ideas ?
  Thanks.
  Martin.

• Autoselect ppp problems

  Hi,
  After upgrading old C2500 analog dial-in router with ext. modem pool and with IOS v.11.2.17 to new C3845 router with int. NM-8AM-V2 and IOS v. 12.4.10 i have folloing problems:
  1. ppp session does not starts automatically with
  'autoselect ppp' command in configuration
  2. ppp session starts only when both 'autoselect ppp' and 'autoselect during-login' are configured, but remote users need access both EXEC-mode and PPP-mode w/o 'autoselect during-login' command and Username prompt.
  Any ideas?
  Router C2500 with old v.11.2.17 IOS configuration:
  modemcap entry zyxel:FD=&f*m1s0=1s7=120s10=250:SPD=s20=3:DTE=19200
  interface Group-Async1
  ip unnumbered Ethernet0
  ip access-group 105 out
  encapsulation ppp
  async default routing
  async mode interactive
  ntp disable
  peer default ip address pool ppp_DialIn
  no cdp enable
  ppp authentication chap
  group-range 1 8
  line 1 8
  session-timeout 10
  no exec-banner
  autoselect ppp
  login authentication via_tacacs
  modem InOut
  modem autoconfigure type zyxel
  terminal-type download
  no editing
  transport input all
  escape-character NONE
  telnet transparent
  stopbits 1
  rxspeed 19200
  txspeed 19200
  flowcontrol hardware

  Removing "autoselect during-login" and adding "autoselect timeout 5". Doing this will allow AAA authentication not to be taken immediately after the connection is made.

• Multilink PPP problem

  Hi Guys,
  i got a situation here and hope someone will be able to help me out. Recently i configured a PPP multilink and am facing some issues after that.
  Issue 1:
  There seems to be lot of input error on multilink interface (150 errors in 40 mins)
  Issue 2:
  when any of the multilink member interface goes down (all other links are active), am getting packrt drops and request timed out when i ping my other end multi link interface atleast for some 30 sec , after which my response is ok.
  About my network
  I have connectivity between site A and Site B which consists of five 64 kbps Leased lines bundled together with Multilink PPP
  My configuration is shown below
  End A
  interface multilink 1
  ip address x.x.x.x x.x.x.x
  ppp multilink fragment-delay 20
  ppp multilink interleave
  ppp multilink
  multilink-group 1
  int Ser 2/0
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  int Ser 2/1
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  int Ser 2/2
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  int Ser 2/3
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  int Ser 2/4
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  End B
  interface multilink 1
  ip address ip address x.x.x.x x.x.x.x
  ppp multilink fragment-delay 20
  ppp multilink interleave
  ppp multilink
  multilink-group 1
  interface S 2/0:1
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  interface S 2/0:11
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  interface S 2/0:25
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  interface S 2/0:4
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1
  interface S 2/0:6
  bandwidth 64
  no ip address
  no ip redirects
  no ip proxy-arp
  encapsulation ppp
  no ip route-cache
  no ip mroute-cache
  no fair-queue
  ppp multilink
  multilink-group 1

  pls find the output of show command
  END A #sh int multilink 5
  Multilink5 is up, line protocol is up
  Hardware is multilink group interface
  Description: ***Multilink to End B ***
  Internet address is 192.26.0.162/30
  MTU 1500 bytes, BW 320 Kbit, DLY 100000 usec,
  reliability 255/255, txload 2/255, rxload 1/255
  Encapsulation PPP, loopback not set
  Keepalive set (10 sec)
  DTR is pulsed for 2 seconds on reset
  LCP Open, multilink Open
  Open: IPCP, CDPCP
  Last input 00:00:00, output never, output hang never
  Last clearing of "show interface" counters 19:55:13
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 2000 bits/sec, 4 packets/sec
  5 minute output rate 3000 bits/sec, 4 packets/sec
  309478 packets input, 58763590 bytes, 0 no buffer
  Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
  1492 input errors, 0 CRC, 1492 frame, 0 overrun, 0 ignored, 0 abort
  290606 packets output, 32728691 bytes, 0 underruns
  0 output errors, 0 collisions, 0 interface resets
  0 output buffer failures, 0 output buffers swapped out
  0 carrier transitions
  END A #sh ppp multilink
  Multilink5, bundle name is End B
  Bundle up for 22:06:31
  493 lost fragments, 162050 reordered, 0 unassigned
  999 discarded, 0 lost received, 3/255 load
  0xAE5E6 received sequence, 0x69F6B sent sequence
  Member links: 5 active, 0 inactive (max not set, min not set)
  Se2/0, since 20:07:34, last rcvd seq 0AE5E1, 160 weight, 152 frag size
  Se2/2, since 20:04:45, last rcvd seq 0AE5E2, 160 weight, 152 frag size
  Se2/3, since 20:04:07, last rcvd seq 0AE5E3, 160 weight, 152 frag size
  Se2/5, since 20:03:24, last rcvd seq 0AE5E4, 160 weight, 152 frag size
  Se2/1, since 19:57:12, last rcvd seq 0AE5E5, 160 weight, 152 frag size
  Am getting 1400 input errors in last 19 hours on multilink interface, also less than 100 input errors on member serial interfacs.Also am not loosing any link member.

• I have asr 1000 with asr1000rp2-adventerprisek have problem when I gave PPP Multilink to the interface Dialer

  Hello,
  please Urgent Help
  I have ASR 1000 with asr1000rp2-adventerprisek  Version, when I give PPP Multilink to the dialer interface it show following error :
  FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image:
  MLP bundle , link download to CPP failed
  please urgent help

  this error comes with the command PPP multilink, it is a lot of letters and numbers and then this last line comes this message 
  FMFP-3-OBJ_DWNLD_TO_CPP_FAILED: F0: fman_fp_image:
  MLP bundle 181, link 178 download to CPP failed
  the configuration still not installed but I configured just the following lines
  interface Virtual-Template
  ip unnumbered Loopback2
  ip mtu 1440
  ip load-sharing per-packet
  ip tcp adjust-mss 1400
  no logging event link-status
  peer default ip address pool
  ipv6 unnumbered Loopback2
  ipv6 enable
  no ipv6 nd suppress-ra
  ppp authentication pap chap callin
  ppp multilink
  ppp multilink fragment delay 100
  ppp multilink mrru local 1546
  that were the lines used to configure this Dialer, the image must be asr1000rp2-adventerprisek and not Ipbase but I dont tried to use IPbase.
  what do think ?

• Problems setting up PPP using GSM modem

  I am trying to setup a PC with Solaris 10 installed to use a 3G USB modem to connect to the internet.
  bash-3.00# cat /etc/release
  Solaris 10 10/09 s10x_u8wos_08a X86
  bash-3.00# uname -a
  SunOS gateway 5.10 Generic_141445-09 i86pc i386 i86pc
  I have the modem working in so far as I can tip to it and get a response back:-
  bash-3.00# tip -460800 /dev/cua/0
  connected
  at
  OK
  ati
  Manufacturer: huawei
  Model: E17X
  Revision: 11.311.05.02.67
  IMEI: 358108024400748
  GCAP: CGSM,+FCLASS,+DS
  OK
  ~
  [EOT]
  when I run the following command: pppd debug call mtn
  I get the following in the pppd log:-
  Aug 7 19:44:00 gateway pppd[463]: [ID 860527 daemon.notice] pppd 2.4.0b1 (Sun Microsystems, Inc.) started by root, uid 0
  Aug 7 19:44:00 gateway pppd[463]: [ID 702911 daemon.debug] serial speed set to 460800 bps
  Aug 7 19:44:01 gateway pppd[463]: [ID 702911 daemon.debug] connect option: '/usr/bin/chat -Vv -f /etc/ppp/mtn-connect' started (pid 464)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] timeout set to 5 seconds
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nBUSY\r)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nERROR\r)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nNO ANSWER\r)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nNO CARRIER\r)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nNO DIALTONE\r)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] abort on (\nRINGING\r\n\r\nRINGING\r)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] report (CONNECT)
  Aug 7 19:44:02 gateway chat[465]: [ID 702911 local2.info] expect (OK)
  Aug 7 19:44:07 gateway chat[465]: [ID 702911 local2.info] alarm
  Aug 7 19:44:07 gateway chat[465]: [ID 702911 local2.info] Failed
  Aug 7 19:44:07 gateway pppd[463]: [ID 702911 daemon.error] Connect script failed
  Aug 7 19:44:08 gateway pppd[463]: [ID 834084 daemon.info] Exit.
  the peer file is as follows:-
  bash-3.00# more /etc/ppp/peers/mtn
  # MTN PPP initialisation/termination script
  # Do not ask the remote to authenticate.
  noauth
  # Modem chat scripts
  connect "/usr/bin/chat -Vv -f /etc/ppp/mtn-connect"
  disconnect "/usr/bin/chat -Vv -f /etc/ppp/mtn-disconnect"
  # Serial device to which the modem is connected.
  /dev/cua/0
  # Speed of the serial line.
  460800
  # Use this connection as the default route.
  defaultroute
  # ISP supplies us with a local IP address during IPCP negotiation
  noipdefault
  # Try to get the name server addresses from the ISP.
  usepeerdns
  # Username for authentication
  user "username"
  # Password for authentication
  password "password"
  # Always try to reconnect, when connection fails or is lost
  # persist
  # Never give up after failed connect attempts
  # maxfail 0
  # Debugging
  debug
  and the connect script is as follows:-
  # MTN PPP CONNECT script
  TIMEOUT 5
  ECHO ON
  ABORT '\nBUSY\r'
  ABORT '\nERROR\r'
  ABORT '\nNO ANSWER\r'
  ABORT '\nNO CARRIER\r'
  ABORT '\nNO DIALTONE\r'
  ABORT '\nRINGING\r\n\r\nRINGING\r'
  REPORT CONNECT
  OK 'ATZ'
  OK 'AT+cgdcont=1,"IP","apn1.mtn.net"'
  OK 'AT+cgdcont=2,"IP","apn2.mtn.net"'
  OK 'ATD*99***1#'
  I am sure I have missed something really obvious but I can't see where.

  Don't use the setup CD.  Connect manually via wired computer to 192.168.1.1 username blank, password 'admin'.  Now configure the router manually like everyone else.

• Can't connect to Internet since 12/20/09??​?? PPP problem

  I haven't been able to connect to internet here in Plymouth, MA since 12/19? Called numerous time to support and they say it is outage problems in area. My DSL light is steady on modem but when trying to connect the Internet light goes steady red!  Anyone else having this problem in South East MA area? Does it normally take over a week to correct?

  Outages almost never last a week. Verizon can't afford to leave customers without service for that long. I would suggest contacting Tech Support again. If the agent tells you that it's just an outage, ask to speak to their supervisor.
  If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.
  "All knowledge is worth having."

• Strange problem with ppp

  installed the base system + kde + xfce + rp-pppoe, but now, if use the kde a strange error happend:
  Nov 9 23:32:03 Geo-Front kernel: unregister_netdevice: waiting for ppp0 to become free. Usage count = 1
  the log is big if yours want, a paste, but now, that message show, and kde don`t work, inly can "killall kdm", then "adsl-stop", and "kdm", and, if try login to kde with internet coneccion running, don`t start, only can login in xfce, and y try run a kprogram, dont work too 

  the full log:
  http://www.foro.powers.cl/viewtopic.php … 46#1247046

• Problem with ASA 5505

  Good morning,
  I'm having the following problem. I configured a ASA 5505 with VPN and a VPN Remote Access Site-to-site. Everything is working, but when I reload the ASA does not work anymore VPNs, Remote Access error 412 and the Site-to-site does not connect more to solve, I have to reset and reconfigure the ASA. This is happening dopo updating the ASA, I have version 842-k8 and asdm645-106.
  Does anyone have any idea what can be?
  Thank you.
  Running-config:
  : Saved
  : Written by master at 10:34:14.839 BRDT Mon Oct 10 2011
  ASA Version 8.4(2)
  hostname ciscoasa
  domain-name default.domain.invalid
  enable password 2KFQnbNIdI.2KYOU encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif inside
  security-level 0
  ip address 172.16.0.140 255.255.252.0
  interface Vlan2
  nameif outside
  security-level 0
  pppoe client vpdn group gvt
  ip address pppoe setroute
  boot system disk0:/asa842-k8.bin
  ftp mode passive
  clock timezone BRST -3
  clock summer-time BRDT recurring 2 Sun Oct 0:00 3 Sun Feb 0:00
  dns server-group DefaultDNS
  domain-name default.domain.invalid
  same-security-traffic permit inter-interface
  same-security-traffic permit intra-interface
  object network NETWORK_OBJ_172.16.0.0_22
  subnet 172.16.0.0 255.255.252.0
  object network NETWORK_OBJ_172.16.0.128_26
  subnet 172.16.0.128 255.255.255.192
  object network NETWORK_OBJ_20.0.0.0_24
  subnet 20.0.0.0 255.255.255.0
  object network NETWORK_OBJ_172.16.11.0_24
  subnet 172.16.11.0 255.255.255.0
  object-group network obj_any
  access-list 1 standard permit 172.16.0.0 255.255.252.0
  access-list 1 standard permit 20.0.0.0 255.255.255.0
  access-list outside_cryptomap extended permit ip 172.16.0.0 255.255.252.0 20.0.0.0 255.255.255.0
  access-list outside_cryptomap_1 extended permit ip 172.16.0.0 255.255.252.0 172.16.11.0 255.255.255.0
  pager lines 24
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  ip local pool pool 172.16.0.150-172.16.0.160 mask 255.255.252.0
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-645-106.bin
  no asdm history enable
  arp timeout 14400
  nat (inside,outside) source static NETWORK_OBJ_172.16.0.0_22 NETWORK_OBJ_172.16.0.0_22 destination static NETWORK_OBJ_172.16.0.128_26 NETWORK_OBJ_172.16.0.128_26 no-proxy-arp route-lookup
  nat (inside,outside) source static NETWORK_OBJ_172.16.0.0_22 NETWORK_OBJ_172.16.0.0_22 destination static NETWORK_OBJ_20.0.0.0_24 NETWORK_OBJ_20.0.0.0_24 no-proxy-arp route-lookup
  nat (inside,outside) source static NETWORK_OBJ_172.16.0.0_22 NETWORK_OBJ_172.16.0.0_22 destination static NETWORK_OBJ_172.16.11.0_24 NETWORK_OBJ_172.16.11.0_24 no-proxy-arp route-lookup
  nat (inside,outside) after-auto source dynamic any interface
  route outside 172.16.11.0 255.255.255.0 187.16.33.131 10
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  http server enable
  http 172.16.0.0 255.255.252.0 inside
  no snmp-server location
  no snmp-server contact
  crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec ikev2 ipsec-proposal DES
  protocol esp encryption des
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal 3DES
  protocol esp encryption 3des
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES
  protocol esp encryption aes
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES192
  protocol esp encryption aes-192
  protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES256
  protocol esp encryption aes-256
  protocol esp integrity sha-1 md5
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 1 match address outside_cryptomap
  crypto map outside_map 1 set peer 189.11.56.237
  crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
  crypto map outside_map 2 match address outside_cryptomap_1
  crypto map outside_map 2 set peer 187.16.33.131
  crypto map outside_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 2 set ikev2 ipsec-proposal DES 3DES AES AES192 AES256
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ikev2 policy 1
  encryption aes-256
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 10
  encryption aes-192
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 20
  encryption aes
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 30
  encryption 3des
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 policy 40
  encryption des
  integrity sha
  group 5 2
  prf sha
  lifetime seconds 86400
  crypto ikev2 enable outside
  crypto ikev1 enable outside
  crypto ikev1 ipsec-over-tcp port 10000
  crypto ikev1 policy 10
  authentication crack
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 20
  authentication rsa-sig
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 30
  authentication pre-share
  encryption aes-256
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 40
  authentication crack
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 50
  authentication rsa-sig
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 60
  authentication pre-share
  encryption aes-192
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 70
  authentication crack
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 80
  authentication rsa-sig
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 90
  authentication pre-share
  encryption aes
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 100
  authentication crack
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 110
  authentication rsa-sig
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 120
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 130
  authentication crack
  encryption des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 140
  authentication rsa-sig
  encryption des
  hash sha
  group 2
  lifetime 86400
  crypto ikev1 policy 150
  authentication pre-share
  encryption des
  hash sha
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  vpdn group gvt request dialout pppoe
  vpdn group gvt localname *******@turbonetpro
  vpdn group gvt ppp authentication pap
  vpdn username *******@turbonetpro password *****
  dhcpd auto_config outside
  dhcpd address 172.16.0.144-172.16.1.143 inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  group-policy crv internal
  group-policy crv attributes
  dns-server value 172.16.0.253 8.8.8.8
  vpn-tunnel-protocol ikev1
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value 1
  default-domain value crvnatural.com.br
  group-policy GroupPolicy_189.11.56.237 internal
  group-policy GroupPolicy_189.11.56.237 attributes
  vpn-filter value 1
  vpn-tunnel-protocol ikev1 ikev2
  group-policy GroupPolicy_187.16.33.131 internal
  group-policy GroupPolicy_187.16.33.131 attributes
  vpn-filter value 1
  vpn-tunnel-protocol ikev1 ikev2
  username master password kWH7f2vqtjMEg2Yp encrypted
  tunnel-group crv type remote-access
  tunnel-group crv general-attributes
  default-group-policy crv
  dhcp-server 172.16.0.253
  tunnel-group crv ipsec-attributes
  ikev1 pre-shared-key *****
  tunnel-group 189.11.**.*** type ipsec-l2l
  tunnel-group 189.11.**.*** general-attributes
  default-group-policy GroupPolicy_189.11.**.***
  tunnel-group 189.11.**.*** ipsec-attributes
  ikev1 pre-shared-key *****
  ikev2 remote-authentication pre-shared-key ****
  ikev2 local-authentication pre-shared-key *****
  tunnel-group 187.16.33.*** type ipsec-l2l
  tunnel-group 187.16.33.*** general-attributes
  default-group-policy GroupPolicy_187.16.33.***
  tunnel-group 187.16.33.*** ipsec-attributes
  ikev1 pre-shared-key ******
  ikev2 remote-authentication pre-shared-key *****
  ikev2 local-authentication pre-shared-key *****
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny 
    inspect sunrpc
    inspect xdmcp
    inspect sip 
    inspect netbios
    inspect tftp
    inspect ip-options
  service-policy global_policy global
  prompt hostname context
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:50ed6f55182534a2429d065a26e9b45c
  : end

  David,
  In order to understand why LDAP is not working run a "debug ldap 255" and then try to login or run a AAA test.
  Attach the output to find out the issue.
  Please check this out as well, to make sure that you have the correct settings:
  ASA 8.0: Configure LDAP Authentication for WebVPN Users
  HTH.
  Portu.