Thursday, July 30, 2009

PPPOE and L2TP Multihop VPDN

There are many different access technologies in broadband networks, including DSL, cable, Ethernet and wireless. PPPoE is commonly used by ISPs on ADSL. L2TP is one of the most widely used protocols in broadband networks; operators and broadband access providers commonly use it to extend their network to an ISP as a wholesale service.

This post covers the basic concept and the configuration needed to implement them. The lab uses a Windows XP PC as the PPPoE client, a Cisco 2600 as the LAC (vpn-server), a 7200 as the LNS (isg-dev2), and a second 7200 as LNS-2 (isg2-jtpd), which terminates the PPP session from the PC.



The PC connects over PPPoE with a username in the domain @imm.com. vpn-server accepts the PPPoE request and forwards the PPP session over L2TP, based on the domain, to the LNS (ISG-DEV2). The LNS then forwards the PPP session over L2TP multihop to LNS-2, based on the multihop LAC hostname. LNS-2 terminates the PPP session and gives the user an IP address.




DIAGRAM :





CONFIGURATION :

1. PPPoE :

VPN-SERVER#

!
vpdn-group pppoe
 accept-dialin
  protocol pppoe
  virtual-template 15
 lcp renegotiation always
!


2. VPDN Tunnel Switching :

VPN-SERVER#
!
vpdn search-order domain
!
vpdn-group 1
 request-dialin
  protocol l2tp
  domain imm.com
 initiate-to ip 11.0.0.1
 local name lac
 no source vpdn-template
 l2tp tunnel password peditea
!

ISGDEV2#
!
vpdn-group multihop-in
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname lac
 local name lns-multi
 l2tp tunnel password 0 peditea
!

3. VPDN MULTIHOP (L2TP)

ISGDEV2#
!
vpdn multihop
vpdn search-order multihop-hostname
!
vpdn-group multihop
 request-dialin
  protocol l2tp
  multihop hostname lac
 initiate-to ip 192.168.89.6
 local name lns-multi
 l2tp tunnel password 0 peditea
!

ISG-JTPD#
!
vpdn-group 1
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname lns-multi
 local name lns-server
 l2tp tunnel password 0 peditea
!

VERIFYING :



VPN_SERVER#sh vpdn

L2TP Tunnel and Session Information Total tunnels 1 sessions 1

LocID  RemID  Remote Name  State  Remote Address  Port  Sessions  VPDN Group
3402   65399  lns-multi    est    11.0.0.1        1701  1         1

LocID  RemID  TunID  Intf         Username      State  Last Chg  Uniq ID
964    33172  3402   SSS Circuit  -imm@imm.com  est    00:00:14  344


ISGDEV2#sh vpdn tunnel

L2TP Tunnel Information Total tunnels 2 sessions 2

LocTunID  RemTunID  Remote Name  State  Remote Address  Sessn  L2TP Class/
                                                        Count  VPDN Group
30787     61466     lns-server   est    192.168.89.6    1      multihop
65399     3402      lac          est    11.0.0.2        1      multihop-in


ISG2-JTPD#sh vpdn

L2TP Tunnel and Session Information Total tunnels 1 sessions 1

LocID  RemID  Remote Name  State  Remote Address  Port  Sessions  L2TP Class/
                                                                  VPDN Group
61466  30787  lns-multi    est    192.168.89.3    1701  1         1

LocID  RemID  TunID  Username, Intf/     State  Last Chg  Uniq ID
                     Vcid, Circuit
8      10696  61466  -imm@imm.com, Vi3   est    00:01:03  491
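
The ID columns in these outputs can be cross-checked: a tunnel's local ID on one router should appear as the remote ID on its peer, and the router that holds two such tunnels is the multihop node. The Python script below is an added example, not part of the original post; it uses the rows shown above (keyed by the prompt hostnames), and its function names are illustrative.

```python
import re
from collections import Counter

# Rows copied from the "sh vpdn" output above, keyed by the prompt hostname.
SHOW_VPDN = {
    "VPN_SERVER": """
3402 65399 lns-multi est 11.0.0.1 1701 1 1
964 33172 3402 SSS Circuit -imm@imm.com est 00:00:14 344
""",
    "ISGDEV2": """
30787 61466 lns-server est 192.168.89.6 1 multihop
65399 3402 lac est 11.0.0.2 1 multihop-in
""",
    "ISG2-JTPD": """
61466 30787 lns-multi est 192.168.89.3 1701 1 1
8 10696 61466 -imm@imm.com, Vi3 est 00:01:03 491
""",
}

# Tunnel row: local ID, remote ID, remote name, state, remote IPv4 address.
# Session rows have no IPv4 address in the fifth field, so they do not match.
TUNNEL_ROW = re.compile(
    r"^(\d+)[ \t]+(\d+)[ \t]+(\S+)[ \t]+(\w+)[ \t]+(\d+(?:\.\d+){3})\b", re.M)

def parse_tunnels(text):
    return [{"loc": int(l), "rem": int(r), "peer": n, "state": s, "addr": a}
            for l, r, n, s, a in TUNNEL_ROW.findall(text)]

def pair_tunnels(outputs):
    """Pair tunnel ends whose (LocID, RemID) mirror each other on two routers."""
    ends = [(dev, t) for dev, text in outputs.items() for t in parse_tunnels(text)]
    links, unpaired = set(), []
    for dev, t in ends:
        far = [(d, u) for d, u in ends if d != dev
               and (u["loc"], u["rem"]) == (t["rem"], t["loc"])]
        if far and t["state"] == far[0][1]["state"] == "est":
            links.add(tuple(sorted((dev, far[0][0]))))
        else:
            unpaired.append((dev, t["loc"]))  # no mirrored, established peer end
    return links, unpaired

def switch_nodes(links):
    """Routers that sit on two or more links are switching sessions (multihop)."""
    seen = Counter(dev for link in links for dev in link)
    return sorted(dev for dev, n in seen.items() if n >= 2)

if __name__ == "__main__":
    links, unpaired = pair_tunnels(SHOW_VPDN)
    print("links:", sorted(links))
    print("unpaired tunnel ends:", unpaired)
    print("multihop node(s):", switch_nodes(links))
```

An entry in the unpaired list means one end of a tunnel has no established counterpart with mirrored IDs in the collected output.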


Reference : http://www.cisco.com/en/US/docs/ios/bbdsl/configuration/guide/bba_understanding_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1049344
