12 janv. 2012

LAC - LNS - PPP, PPPoE, L2TP

LNS:
!
hostname LNS
!
vpdn enable
vpdn multihop
!
vpdn-group L2TP-LNS
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname LAC
 local name LNS
 no l2tp tunnel authentication
 relay pppoe bba-group PPPoE
!
bba-group pppoe PPPoE
 virtual-template 1
!         
interface Loopback0
 ip address 10.0.0.3 255.255.255.255
!
interface Loopback999
 description for_tests
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet1/0
 no ip address
 no shutdown

 duplex auto
 speed auto
 no keepalive
!
interface FastEthernet1/0.203
 encapsulation dot1q 203
 ip address 192.168.23.3 255.255.255.0
!
interface Virtual-Template1
 ip unnumbered Loopback0
 peer default ip address pool PPP_Pool
 keepalive 240
!
ip local pool PPP_Pool 210.1.1.1 210.1.1.254
ip route 10.0.0.2 255.255.255.255 192.168.23.2 name LNS-to-LAC
!
no cdp run
!


LAC:
hostname LAC
!
subscriber profile PPPoE_Profile
 service relay pppoe vpdn group L2TP-LAC
!
vpdn enable
vpdn source-ip 10.0.0.2
!
vpdn-group L2TP-LAC
 request-dialin
  protocol l2tp
  domain test.com
 initiate-to ip 10.0.0.3 
 local name LAC
 no l2tp tunnel authentication
 l2tp tunnel receive-window 1         
!
bba-group pppoe PPPoE
 virtual-template 1
 service profile PPPoE_Profile
!
!
interface Loopback0
 ip address 10.0.0.2 255.255.255.255
!
interface FastEthernet1/0
 no ip address
 no shutdown
 duplex auto
 speed auto
 no keepalive
!
interface FastEthernet1/0.102
 encapsulation dot1q 102
 no ip address
 pppoe enable group PPPoE
!
interface FastEthernet1/0.203
 encapsulation dot1q 203
 ip address 192.168.23.2 255.255.255.0
!
interface Virtual-Template1
 ip unnumbered Loopback0
!
ip route 10.0.0.3 255.255.255.255 192.168.23.3 name LAC-to-LNS
!
no cdp run
!

CPE:
!
hostname CPE
!
interface Loopback0
 ip address 123.123.123.123 255.255.255.255
!
interface FastEthernet1/0
 no ip address
 no shutdown

 duplex auto
 speed auto
 no keepalive
!
interface FastEthernet1/0.102
 encapsulation dot1q 102
 pppoe enable group global
 pppoe-client dial-pool-number 1
!         
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 ppp ipcp route default
!
no cdp run
!



To take traces:
  • no cdp run 
  • no keepalive on interfaces
  • change keepalive (240s) on interface Dialer 1 (CPE) and interface Virtual-Template (LNS).




-
Libellés :

NTP - ACL

NTP - Network Time Protocol Packet types: -  Control messages : don't bother with this. -  NTP request/update messages: used for time sy...

  • Unicast Reverse Path Forwarding (uRPF)
    Unicast Reverse Path Forwarding (uRPF) uRPF est une feature permettant d'éviter l'IP Spoofing. Lorsque urpf est activé sur une in...
  • NTP - ACL
    NTP - Network Time Protocol Packet types: -  Control messages : don't bother with this. -  NTP request/update messages: used for time sy...
  • Basic IPsec Virtual Tunnel Interface - VTI
    Le but est de monter un tunnel IPSec entre deux routeurs en utilisant des VTI. La clé partagée est: 1234. hostname R1 ! crypto isakm...