发布日期:2023-03-31来源:武汉北大青鸟武汉校区作者:武汉宏鹏
网络技术:思科路由器设置VPDN的方法-武汉北大青鸟
1 启用aaa new-model
aaa new-model
2、建立认证方式
aaa authentication ppp mytest local (这里为本地认证)
3、启用VPDN
vpdn enable
4、建立VPDN组
vpdn-group mytest
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
local name mytest-name
lcp renegotiation always //注意非常重要,否则LCP不会自协商,那么路由器的MTU值一定要和对方LAC发过来的要匹配,否则LCP失败
l2tp tunnel password 7 00090A1201481F
source-ip x.x.x.x
5、建立IP 本地POOL
ip local pool mytest-01 172.23.1.2 172.23.1.254
6、配置虚模板
interface Virtual-Template1
ip address 172.23.1.1 255.255.255.0
peer default ip address pool mytest-01
ppp authentication pap mytest
5200g
domain qh.org
authentication-scheme vpdn_none
accounting-scheme vpdn_none
l2tp-group qh.org
l2tp-group qh.org
tunnel password simple mytest
tunnel name mytest
start l2tp ip x.x.x.x
tunnel source LoopBack0
附:L2TP协议结构
1、IP包头 20字节
2、UDP报头 8字节
3、L2TP报头 12字节:包括:
1)the version and flag fields (2 bytes)
2)the tunnel id and session id fields (2 bytes each)
3)2 bytes of padding offset
4)4 bytes of Point-to-Point Protocol (PPP) encapsulation
//以下是没有启用LCP自协商的DEBUG 连接失败
Jul 25 00:03:48.084: Vi1 VPDN: Virtual interface created for qh@qh.org
Jul 25 00:03:48.084: Vi1 PPP: Phase is DOWN, Setup
Jul 25 00:03:48.084: Vi1 VPDN: Clone from Vtemplate 1 filterPPP=0 blocking
Jul 25 00:03:48.204: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
Jul 25 00:03:48.204: Vi1 PPP: Using set call direction
Jul 25 00:03:48.204: Vi1 PPP: Treating connection as a callin
Jul 25 00:03:48.204: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Jul 25 00:03:48.204: Vi1 LCP: State is Listen
Jul 25 00:03:48.204: Vi1 VPDN: Bind interface direction=2
Jul 25 00:03:48.204: Vi1 LCP: I FORCED CONFREQ len 14
Jul 25 00:03:48.204: Vi1 LCP: MRU 1492 (0x010405D4)
Jul 25 00:03:48.204: Vi1 LCP: AuthProto PAP (0x0304C023)
Jul 25 00:03:48.204: Vi1 LCP: MagicNumber 0x01022143 (0x050601022143)
Jul 25 00:03:48.204: Vi1 VPDN: PPP LCP accepted rcv CONFACK
Jul 25 00:03:48.204: Vi1 LCP: I FORCED CONFACK len 10
Jul 25 00:03:48.204: Vi1 LCP: MRU 1480 (0x010405C8)
Jul 25 00:03:48.204: Vi1 LCP: MagicNumber 0x082D5DCE (0x0506082D5DCE)
Jul 25 00:03:48.204: Vi1 VPDN: PPP LCP not accepting sent CONFACK
Jul 25 00:03:48.204: Vi1 VPDN: Unbind interface
Jul 25 00:03:48.296: Vi1 PPP: No remote authentication for call-in
Jul 25 00:03:48.560: Vi1 PPP: Missed link down notification
Jul 25 00:03:48.560: Vi1 LCP: State is Closed
Jul 25 00:03:48.560: Vi1 PPP: Phase is DOWN
//以下是启用了LCP自协商的DEBUG
Jul 24 23:53:08.188: Vi1 VPDN: Virtual interface created for qh@qh.org
Jul 24 23:53:08.188: Vi1 PPP: Phase is DOWN, Setup
Jul 24 23:53:08.188: Vi1 VPDN: Clone from Vtemplate 1 filterPPP=0 blocking
Jul 24 23:53:08.308: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
Jul 24 23:53:08.308: Vi1 PPP: Using set call direction
Jul 24 23:53:08.308: Vi1 PPP: Treating connection as a callin
Jul 24 23:53:08.308: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Jul 24 23:53:08.308: Vi1 LCP: State is Listen
Jul 24 23:53:08.308: Vi1 VPDN: Bind interface direction=2
Jul 24 23:53:08.308: Vi1 VPDN: Initiated LCP negotiation
Jul 24 23:53:08.308: Vi1 LCP: O CONFREQ [Listen] id 1 len 14
Jul 24 23:53:08.308: Vi1 LCP: AuthProto PAP (0x0304C023)
Jul 24 23:53:08.308: Vi1 LCP: MagicNumber 0xC1CD483A (0x0506C1CD483A)
Jul 24 23:53:08.308: Vi1 VPDN: O out
Jul 24 23:53:08.308: Vi1 Tnl/Cl 59610/37 L2TP: Proc switch into tunnel,x.x.x.x(1701) to y.y.y.y(1701), len 54
Jul 24 23:53:08.316: Vi1 PPP: I pkt type 0xC021, datagramsize 18
Jul 24 23:53:08.316: Vi1 PPP: I pkt type 0xC021, datagramsize 18
Jul 24 23:53:08.316: Vi1 LCP: I CONFREQ [REQsent] id 4 len 14
Jul 24 23:53:08.316: Vi1 LCP: MRU 1480 (0x010405C8)
Jul 24 23:53:08.316: Vi1 LCP: MagicNumber 0x25603892 (0x050625603892)
Jul 24 23:53:08.316: Vi1 LCP: O CONFNAK [REQsent] id 4 len 8
Jul 24 23:53:08.316: Vi1 LCP: MRU 1500 (0x010405DC)
Jul 24 23:53:08.316: Vi1 VPDN: O out
Jul 24 23:53:08.316: Vi1 LCP: I CONFACK [REQsent] id 1 len 14
Jul 24 23:53:08.316: Vi1 LCP: AuthProto PAP (0x0304C023)
Jul 24 23:53:08.316: Vi1 LCP: MagicNumber 0xC1CD483A (0x0506C1CD483A)
Jul 24 23:53:08.316: Vi1 Tnl/Cl 59610/37 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 48
Jul 24 23:53:08.324: Vi1 PPP: I pkt type 0xC021, datagramsize 18
Jul 24 23:53:08.324: Vi1 LCP: I CONFREQ [ACKrcvd] id 5 len 14
Jul 24 23:53:08.324: Vi1 LCP: MRU 1480 (0x010405C8)
Jul 24 23:53:08.324: Vi1 LCP: MagicNumber 0x25603892 (0x050625603892)
Jul 24 23:53:08.324: Vi1 LCP: O CONFNAK [ACKrcvd] id 5 len 8
Jul 24 23:53:08.328: Vi1 LCP: MRU 1500 (0x010405DC)
Jul 24 23:53:08.328: Vi1 VPDN: O out
Jul 24 23:53:08.328: Vi1 Tnl/Cl 59610/37 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 48
Jul 24 23:53:08.336: Vi1 PPP: I pkt type 0xC021, datagramsize 18
Jul 24 23:53:08.336: Vi1 LCP: I CONFREQ [ACKrcvd] id 6 len 14
Jul 24 23:53:08.336: Vi1 LCP: MRU 1500 (0x010405DC)
Jul 24 23:53:08.336: Vi1 LCP: MagicNumber 0x25603892 (0x050625603892)
Jul 24 23:53:08.336: Vi1 LCP: O CONFACK [ACKrcvd] id 6 len 14
Jul 24 23:53:08.336: Vi1 LCP: MRU 1500 (0x010405DC)
Jul 24 23:53:08.336: Vi1 LCP: MagicNumber 0x25603892 (0x050625603892)
Jul 24 23:53:08.336: Vi1 VPDN: O out
Jul 24 23:53:08.336: Vi1 LCP: State is Open
Jul 24 23:53:08.336: Vi1 PPP: Phase is AUTHENTICATING, by this end
Jul 24 23:53:08.336: Vi1 Tnl/Cl 59610/37 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 54
Jul 24 23:53:08.348: Vi1 PPP: I pkt type 0xC021, datagramsize 22
Jul 24 23:53:08.348: Vi1 PPP: I pkt type 0xC021, datagramsize 35
Jul 24 23:53:08.348: Vi1 PPP: I pkt type 0xC023, datagramsize 24
Jul 24 23:53:08.348: Vi1 LCP: I IDENTIFY [Open] id 7 len 18 magic 0x25603892 MSRASV5.10
Jul 24 23:53:08.348: Vi1 LCP: I IDENTIFY [Open] id 8 len 31 magic 0x25603892 MSRAS-0-A575A48C8932456
Jul 24 23:53:08.348: Vi1 PAP: I AUTH-REQ id 3 len 20 from "qh@qh.org"
Jul 24 23:53:08.348: Vi1 PAP: Authenticating peer qh@qh.org
Jul 24 23:53:08.348: Vi1 PAP: O AUTH-NAK id 3 len 32 msg is "Password validation failure"
Jul 24 23:53:08.348: Vi1 VPDN: O out
Jul 24 23:53:08.348: Vi1 PPP: Phase is TERMINATING
Jul 24 23:53:08.348: Vi1 LCP: O TERMREQ [Open] id 2 len 4
Jul 24 23:53:08.348: Vi1 VPDN: O out
Jul 24 23:53:08.348: Vi1 Tnl/Cl 59610/37 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 72
Jul 24 23:53:08.348: Vi1 Tnl/Cl 59610/37 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 44
Jul 24 23:53:08.364: Vi1 PPP: I pkt type 0xC021, datagramsize 8
Jul 24 23:53:08.364: Vi1 LCP: I TERMACK [TERMsent] id 2 len 4
Jul 24 23:53:08.364: Vi1 LCP: State is Closed
Jul 24 23:53:08.364: Vi1 PPP: Phase is DOWN
Jul 24 23:53:08.364: Vi1 VPDN: Cleanup
Jul 24 23:53:08.364: Vi1 VPDN: Reset
Jul 24 23:53:08.364: Vi1 VPDN: Reset
Jul 24 23:53:08.364: Vi1 VPDN: Unbind interface
Jul 24 23:53:08.364: Vi1 VPDN: Unbind interface
Jul 24 23:53:08.364: Vi1 VPDN: Reset
Jul 24 23:53:08.364: Vi1 VPDN: Unbind interface
Jul 24 23:53:08.364: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Jul 24 23:53:08.364: Vi1 LCP: State is Listen
Jul 24 23:53:08.456: Vi1 PPP: No remote authentication for call-in
Jul 24 23:53:08.560: Vi1 PPP: Missed link down notification
Jul 24 23:53:08.560: Vi1 LCP: State is Closed
Jul 24 23:53:08.560: Vi1 PPP: Phase is DOWN
//没有启用LCP自协商,但在设备上修改了MTU以使协商成功
Jul 25 00:14:34.364: Vi1 VPDN: Virtual interface created for qh@qh.org
Jul 25 00:14:34.364: Vi1 PPP: Phase is DOWN, Setup
Jul 25 00:14:34.364: Vi1 VPDN: Clone from Vtemplate 1 filterPPP=0 blocking
Jul 25 00:14:34.492: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
Jul 25 00:14:34.492: Vi1 PPP: Using set call direction
Jul 25 00:14:34.492: Vi1 PPP: Treating connection as a callin
Jul 25 00:14:34.492: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Jul 25 00:14:34.492: Vi1 LCP: State is Listen
Jul 25 00:14:34.492: Vi1 VPDN: Bind interface direction=2
Jul 25 00:14:34.492: Vi1 LCP: I FORCED CONFREQ len 14
Jul 25 00:14:34.492: Vi1 LCP: MRU 1492 (0x010405D4)
Jul 25 00:14:34.492: Vi1 LCP: AuthProto PAP (0x0304C023)
Jul 25 00:14:34.492: Vi1 LCP: MagicNumber 0x01021BAD (0x050601021BAD)
Jul 25 00:14:34.492: Vi1 VPDN: PPP LCP accepted rcv CONFACK
Jul 25 00:14:34.492: Vi1 LCP: I FORCED CONFACK len 10
Jul 25 00:14:34.492: Vi1 LCP: MRU 1480 (0x010405C8)
Jul 25 00:14:34.492: Vi1 LCP: MagicNumber 0x3C58377D (0x05063C58377D)
Jul 25 00:14:34.492: Vi1 VPDN: PPP LCP accepted sent CONFACK
Jul 25 00:14:34.492: Vi1 PPP: Phase is AUTHENTICATING, by this end
Jul 25 00:14:34.492: Vi1 PPP: I pkt type 0xC023, datagramsize 25
Jul 25 00:14:34.492: Vi1 PAP: I AUTH-REQ id 9 len 21 from "qh@qh.org"
Jul 25 00:14:34.492: Vi1 PAP: Authenticating peer qh@qh.org
Jul 25 00:14:34.492: Vi1 PAP: O AUTH-ACK id 9 len 5
Jul 25 00:14:34.492: Vi1 VPDN: O out
Jul 25 00:14:34.492: Vi1 PPP: Phase is UP
Jul 25 00:14:34.492: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
Jul 25 00:14:34.492: Vi1 IPCP: Address 172.23.1.1 (0x0306AC170101)
Jul 25 00:14:34.492: Vi1 VPDN: O out
Jul 25 00:14:34.492: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 45
Jul 25 00:14:34.496: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 50
Jul 25 00:14:34.504: Vi1 PPP: I pkt type 0x80FD, datagramsize 14
Jul 25 00:14:34.504: Vi1 PPP: I pkt type 0x8021, datagramsize 38
Jul 25 00:14:34.504: Vi1 CCP: I CONFREQ [Not negotiated] id 4 len 10
Jul 25 00:14:34.504: Vi1 PPP: I pkt type 0x8021, datagramsize 14
Jul 25 00:14:34.504: Vi1 CCP: MS-PPC supported bits 0x00000001 (0x120600000001)
Jul 25 00:14:34.504: Vi1 LCP: O PROTREJ [Open] id 1 len 16 protocol CCP (0x80FD0104000A120600000001)
Jul 25 00:14:34.504: Vi1 VPDN: O out
Jul 25 00:14:34.504: Vi1 IPCP: I CONFREQ [REQsent] id 5 len 34
Jul 25 00:14:34.504: Vi1 IPCP: Address 0.0.0.0 (0x030600000000)
Jul 25 00:14:34.504: Vi1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
Jul 25 00:14:34.504: Vi1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
Jul 25 00:14:34.504: Vi1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
Jul 25 00:14:34.504: Vi1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
Jul 25 00:14:34.504: Vi1 IPCP: Pool returned 172.23.1.2
Jul 25 00:14:34.508: Vi1 IPCP: O CONFREJ [REQsent] id 5 len 28
Jul 25 00:14:34.508: Vi1 IPCP: PrimaryDNS 0.0.0.0 (0x810600000000)
Jul 25 00:14:34.508: Vi1 IPCP: PrimaryWINS 0.0.0.0 (0x820600000000)
Jul 25 00:14:34.508: Vi1 IPCP: SecondaryDNS 0.0.0.0 (0x830600000000)
Jul 25 00:14:34.508: Vi1 IPCP: SecondaryWINS 0.0.0.0 (0x840600000000)
Jul 25 00:14:34.508: Vi1 VPDN: O out
Jul 25 00:14:34.508: Vi1 IPCP: I CONFACK [REQsent] id 1 len 10
Jul 25 00:14:34.508: Vi1 IPCP: Address 172.23.1.1 (0x0306AC170101)
Jul 25 00:14:34.508: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 56
Jul 25 00:14:34.508: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 68
Jul 25 00:14:34.508: Vi1 PPP: I pkt type 0x8021, datagramsize 14
Jul 25 00:14:34.508: Vi1 IPCP: I CONFREQ [ACKrcvd] id 6 len 10
Jul 25 00:14:34.508: Vi1 IPCP: Address 0.0.0.0 (0x030600000000)
Jul 25 00:14:34.508: Vi1 IPCP: O CONFNAK [ACKrcvd] id 6 len 10
Jul 25 00:14:34.508: Vi1 IPCP: Address 172.23.1.2 (0x0306AC170102)
Jul 25 00:14:34.512: Vi1 VPDN: O out
Jul 25 00:14:34.512: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 50
Jul 25 00:14:34.520: Vi1 PPP: I pkt type 0x8021, datagramsize 14
Jul 25 00:14:34.520: Vi1 IPCP: I CONFREQ [ACKrcvd] id 7 len 10
Jul 25 00:14:34.520: Vi1 IPCP: Address 172.23.1.2 (0x0306AC170102)
Jul 25 00:14:34.520: Vi1 IPCP: O CONFACK [ACKrcvd] id 7 len 10
Jul 25 00:14:34.520: Vi1 IPCP: Address 172.23.1.2 (0x0306AC170102)
Jul 25 00:14:34.520: Vi1 VPDN: O out
Jul 25 00:14:34.520: Vi1 IPCP: State is Open
Jul 25 00:14:34.520: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y1701), len 50
Jul 25 00:14:34.520: Vi1 IPCP: Install route to 172.23.1.2
Jul 25 00:14:34.584: Vi1 PPP: I pkt type 0x0021, datagramsize 332
Jul 25 00:14:35.492: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up
Jul 25 00:14:36.492: Vi1 LCP: TIMEout: State Open
Jul 25 00:14:38.560: Vi1 LCP: O ECHOREQ [Open] id 1 len 12 magic 0x01021BAD
Jul 25 00:14:38.560: Vi1 VPDN: O out
Jul 25 00:14:38.560: Vi1 Tnl/Cl 16255/43 L2TP: Proc switch into tunnel, x.x.x.x(1701) to y.y.y.y(1701), len 52
Jul 25 00:14:38.564: Vi1 PPP: I pkt type 0xC021, datagramsize 16
Jul 25 00:14:38.564: Vi1 LCP: I ECHOREP [Open] id 1 len 12 magic 0x3C58377D
Jul 25 00:14:38.564: Vi1 LCP: Received id 1, sent id 1, line up
Jul 25 00:14:38.584: Vi1 PPP: I pkt type 0x0021, datagramsize 332
想了解更多请继续关注武汉北大青鸟官网。
北大青鸟武汉校区
武汉市洪山区珞喻路724号(地铁二号线光谷广场站F口出
Copyright (c) 2006-2023 武汉宏鹏教育咨询有限公司 版权所有 All Rights Reserved.
