Hi,
I am trying to get a client initiated L2tp vpn config working between a 1721 and a 2650 but I am having no luck. I feel like something is missing on the tunnel server, I have followed cisco's guides and their configs verbatim.
Here are my configs:
Client Router (c1700-k9o3sy7-mz.123-7.XR7.bin):
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname peer1
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
!
!
--More--
22:01:46: Vp1 PPP: Authorization required
!
!
no ip domain lookup
ip cef
ip ids po max-events 100
vpdn enable
!
vpdn-group 1
!
l2tp-class l2tpclass1
hidden
authentication
hostname peer1
password 7 13061E010803
receive-window 128
retransmit timeout max 4
retransmit initial retries 1
retransmit initial timeout min 8
timeout setup 60
!
ipv6 unicast-routing
pseudowire-class pwclass1
encapsulation l2tpv2
protocol l2tpv2 l2tpclass1
ip local interface FastEthernet0
ip pmtu max 1500
ip tos reflect
!
!
!
!
!
!
!
!
!
interface Loopback1
ip address 192.168.160.1 255.255.255.0
!
interface FastEthernet0
ip address dhcp
ip virtual-reassembly
speed auto
full-duplex
!
interface FastEthernet1
no ip address
shutdown
!
interface FastEthernet2
no ip address
shutdown
!
interface FastEthernet3
no ip address
shutdown
!
interface FastEthernet4
no ip address
shutdown
!
interface Virtual-PPP1
ip address negotiated
ip mtu 1452
keepalive 30
no cdp enable
ppp lcp predictive
ppp authentication chap callin
ppp chap hostname peer1
ppp chap password 0 cisco
ppp pap sent-username rmcnutt password 0 d1g1tal
pseudowire 192.168.254.13 1 encapsulation l2tpv2 pw-class pwclass1
!
interface Vlan1
no ip address
!
ip classless
ip route 10.10.10.0 255.255.255.0 Virtual-PPP1
no ip http server
no ip http secure-server
!
!
!
dialer-list 1 protocol ip permit
no cdp run
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
end
Tunnel Server (2600-is-mz.123-26.bin):
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname peer2
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 $1$sTqL$RzATGbc79ynqeIC8qUlMT/
!
no network-clock-participate slot 1
no network-clock-participate wic 0
aaa new-model
!
aaa user profile peer1
!
aaa authorization network default local
aaa session-id common
ip subnet-zero
ip cef
!
!
!
vpdn enable
!
vpdn-group 1
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname peer1
!
isdn switch-type basic-ni
!
!
!
voice service voip
!
!
!
!
!
!
!
!
!
fax interface-type fax-mail
username rmcnutt privilege 15 password 0 d1g1tal
username peer1 password 0 cisco
!
!
!
!
!
interface Loopback1
ip address 10.10.10.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.254.13 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
service-module t1 timeslots 1-24
!
interface BRI0/0
no ip address
encapsulation hdlc
shutdown
isdn switch-type basic-ni
!
interface Virtual-Template1
ip unnumbered Loopback1
ip mroute-cache
peer default ip address pool DIAL-IN
ppp authentication chap
ppp chap hostname peer2
!
ip local pool DIAL-IN 172.25.6.200 172.25.6.250
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.254.1
!
!
!
!
!
!
!
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
password 1234
!
!
end
---------------------
The client router keeps outputting
Vp1 PPP: Authorization required
I am trying to get a client initiated L2tp vpn config working between a 1721 and a 2650 but I am having no luck. I feel like something is missing on the tunnel server, I have followed cisco's guides and their configs verbatim.
Here are my configs:
Client Router (c1700-k9o3sy7-mz.123-7.XR7.bin):
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname peer1
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
!
!
--More--
22:01:46: Vp1 PPP: Authorization required
!
!
no ip domain lookup
ip cef
ip ids po max-events 100
vpdn enable
!
vpdn-group 1
!
l2tp-class l2tpclass1
hidden
authentication
hostname peer1
password 7 13061E010803
receive-window 128
retransmit timeout max 4
retransmit initial retries 1
retransmit initial timeout min 8
timeout setup 60
!
ipv6 unicast-routing
pseudowire-class pwclass1
encapsulation l2tpv2
protocol l2tpv2 l2tpclass1
ip local interface FastEthernet0
ip pmtu max 1500
ip tos reflect
!
!
!
!
!
!
!
!
!
interface Loopback1
ip address 192.168.160.1 255.255.255.0
!
interface FastEthernet0
ip address dhcp
ip virtual-reassembly
speed auto
full-duplex
!
interface FastEthernet1
no ip address
shutdown
!
interface FastEthernet2
no ip address
shutdown
!
interface FastEthernet3
no ip address
shutdown
!
interface FastEthernet4
no ip address
shutdown
!
interface Virtual-PPP1
ip address negotiated
ip mtu 1452
keepalive 30
no cdp enable
ppp lcp predictive
ppp authentication chap callin
ppp chap hostname peer1
ppp chap password 0 cisco
ppp pap sent-username rmcnutt password 0 d1g1tal
pseudowire 192.168.254.13 1 encapsulation l2tpv2 pw-class pwclass1
!
interface Vlan1
no ip address
!
ip classless
ip route 10.10.10.0 255.255.255.0 Virtual-PPP1
no ip http server
no ip http secure-server
!
!
!
dialer-list 1 protocol ip permit
no cdp run
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line aux 0
line vty 0 4
password cisco
login
!
end
Tunnel Server (2600-is-mz.123-26.bin):
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname peer2
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5 $1$sTqL$RzATGbc79ynqeIC8qUlMT/
!
no network-clock-participate slot 1
no network-clock-participate wic 0
aaa new-model
!
aaa user profile peer1
!
aaa authorization network default local
aaa session-id common
ip subnet-zero
ip cef
!
!
!
vpdn enable
!
vpdn-group 1
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname peer1
!
isdn switch-type basic-ni
!
!
!
voice service voip
!
!
!
!
!
!
!
!
!
fax interface-type fax-mail
username rmcnutt privilege 15 password 0 d1g1tal
username peer1 password 0 cisco
!
!
!
!
!
interface Loopback1
ip address 10.10.10.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.254.13 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
service-module t1 timeslots 1-24
!
interface BRI0/0
no ip address
encapsulation hdlc
shutdown
isdn switch-type basic-ni
!
interface Virtual-Template1
ip unnumbered Loopback1
ip mroute-cache
peer default ip address pool DIAL-IN
ppp authentication chap
ppp chap hostname peer2
!
ip local pool DIAL-IN 172.25.6.200 172.25.6.250
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.254.1
!
!
!
!
!
!
!
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
password 1234
!
!
end
---------------------
The client router keeps outputting
Vp1 PPP: Authorization required