思科路由器设置VPDN的方法

发布时间:2017-03-09 00:00:00 编辑:小静 手机版

  CCNA 重新认证:CCNA认证证书的时效性是三年。要重新更新证书,必须通过CCNA的考试(如果通过的下一阶段CCNP的考试,CCNA认证证书会被自动更新)下面是小编整理的关于思科路由器设置VPDN的方法,欢迎大家参考!

  1 启用aaa new-model

  aaa new-model

  2、建立认证方式

  aaa authentication ppp mytest local (这里为本地认证)

  3、启用VPDN

  vpdn enable

  4、建立VPDN组

  vpdn-group mytest

  ! Default L2TP VPDN group

  accept-dialin

  protocol l2tp

  virtual-template 1

  local name mytest-name

  lcp renegotiation always //注意非常重要,否则LCP不会自协商,那么路由器的MTU值一定要和对方LAC发过来的要匹配,否则LCP失败

  l2tp tunnel password 7 00090A1201481F

  source-ip x.x.x.x

  5、建立IP 本地POOL

  ip local pool mytest-01 172.23.1.2 172.23.1.254

  6、配置虚模板

  interface Virtual-Template1

  ip address 172.23.1.1 255.255.255.0

  peer default ip address pool mytest-01

  ppp authentication pap mytest

  5200g

  domain qh.org

  authentication-scheme vpdn_none

  accounting-scheme vpdn_none

  l2tp-group qh.org

  l2tp-group qh.org

  tunnel password simple mytest

  tunnel name mytest

  start l2tp ip x.x.x.x

  tunnel source LoopBack0

  附:L2TP协议结构

  1、IP包头 20字节

  2、UDP报头 8字节

  3、L2TP报头 12字节:包括:

  1)the version and flag fields (2 bytes)

  2)the tunnel id and session id fields (2 bytes each)

  3)2 bytes of padding offset

  4)4 bytes of Point-to-Point Protocol (PPP) encapsulation

  //以下是没有启用LCP自协商的DEBUG 连接失败

  Jul 25 00:03:48.084: Vi1 VPDN: Virtual interface created for qh@qh.org

  Jul 25 00:03:48.084: Vi1 PPP: Phase is DOWN, Setup

  Jul 25 00:03:48.084: Vi1 VPDN: Clone from Vtemplate 1 filterPPP=0 blocking

  Jul 25 00:03:48.204: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

  Jul 25 00:03:48.204: Vi1 PPP: Using set call direction

  Jul 25 00:03:48.204: Vi1 PPP: Treating connection as a callin

  Jul 25 00:03:48.204: Vi1 PPP: Phase is ESTABLISHING, Passive Open

  Jul 25 00:03:48.204: Vi1 LCP: State is Listen

  Jul 25 00:03:48.204: Vi1 VPDN: Bind interface direction=2

  Jul 25 00:03:48.204: Vi1 LCP: I FORCED CONFREQ len 14

  Jul 25 00:03:48.204: Vi1 LCP: MRU 1492 (0x010405D4)

  Jul 25 00:03:48.204: Vi1 LCP: AuthProto PAP (0x0304C023)

  Jul 25 00:03:48.204: Vi1 LCP: MagicNumber 0x01022143 (0x050601022143)

  Jul 25 00:03:48.204: Vi1 VPDN: PPP LCP accepted rcv CONFACK

  Jul 25 00:03:48.204: Vi1 LCP: I FORCED CONFACK len 10

  Jul 25 00:03:48.204: Vi1 LCP: MRU 1480 (0x010405C8)

  Jul 25 00:03:48.204: Vi1 LCP: MagicNumber 0x082D5DCE (0x0506082D5DCE)

  Jul 25 00:03:48.204: Vi1 VPDN: PPP LCP not accepting sent CONFACK

  Jul 25 00:03:48.204: Vi1 VPDN: Unbind interface

  Jul 25 00:03:48.296: Vi1 PPP: No remote authentication for call-in

  Jul 25 00:03:48.560: Vi1 PPP: Missed link down notification

  Jul 25 00:03:48.560: Vi1 LCP: State is Closed

本文已影响867
+1
0