谁知道思科企业级路由器怎么设置VPDN?

发布网友 发布时间：2022-04-21 13:20

我来回答

共1个回答

热心网友 时间：2022-06-07 08:35

1
启用aaa
new-model
aaa
new-model
2、建立认证方式
aaa
authentication
ppp
mytest
local
（这里为本地认证）
3、启用VPDN
vpdn
enable
4、建立VPDN组
vpdn-group
mytest
!
Default
L2TP
VPDN
group
accept-dialin
protocol
l2tp
virtual-template
1
local
name
mytest-name
lcp
renegotiation
always
//注意非常重要，否则LCP不会自协商，那么路由器的MTU值一定要和对方LAC发过来的要匹配，否则LCP失败
l2tp
tunnel
password
7
00090A1201481F
source-ip
x.x.x.x
5、建立IP
本地POOL
ip
local
pool
mytest-01
172.23.1.2
172.23.1.254
6、配置虚模板
interface
Virtual-Template1
ip
address
172.23.1.1
255.255.255.0
peer
default
ip
address
pool
mytest-01
ppp
authentication
pap
mytest
5200g
domain
qh.org
authentication-scheme
vpdn_none
accounting-scheme
vpdn_none
l2tp-group
qh.org
l2tp-group
qh.org
tunnel
password
simple
mytest
tunnel
name
mytest
start
l2tp
ip
x.x.x.x
tunnel
source
LoopBack0
附：L2TP协议结构
1、IP包头
20字节
2、UDP报头
8字节
3、L2TP报头
12字节：包括：
1）the
version
and
flag
fields
（2
bytes）
2）the
tunnel
id
and
session
id
fields
（2
bytes
each）
3）2
bytes
of
padding
offset
4）4
bytes
of
Point-to-Point
Protocol
（PPP）
encapsulation
//以下是没有启用LCP自协商的DEBUG
连接失败
Jul
25
00:03:48.084:
Vi1
VPDN:
Virtual
interface
created
for
qh@qh.org
Jul
25
00:03:48.084:
Vi1
PPP:
Phase
is
DOWN,
Setup
Jul
25
00:03:48.084:
Vi1
VPDN:
Clone
from
Vtemplate
1
filterPPP=0
blocking
Jul
25
00:03:48.204:
%LINK-3-UPDOWN:
Interface
Virtual-Access1,
changed
state
to
up
Jul
25
00:03:48.204:
Vi1
PPP:
Using
set
call
direction
Jul
25
00:03:48.204:
Vi1
PPP:
Treating
connection
as
a
callin
Jul
25
00:03:48.204:
Vi1
PPP:
Phase
is
ESTABLISHING,
Passive
Open
Jul
25
00:03:48.204:
Vi1
LCP:
State
is
Listen
Jul
25
00:03:48.204:
Vi1
VPDN:
Bind
interface
direction=2
Jul
25
00:03:48.204:
Vi1
LCP:
I
FORCED
CONFREQ
len
14
Jul
25
00:03:48.204:
Vi1
LCP:
MRU
1492
（0x010405D4）
Jul
25
00:03:48.204:
Vi1
LCP:
AuthProto
PAP
（0x0304C023）
Jul
25
00:03:48.204:
Vi1
LCP:
MagicNumber
0x01022143
（0x050601022143）
Jul
25
00:03:48.204:
Vi1
VPDN:
PPP
LCP
accepted
rcv
CONFACK
Jul
25
00:03:48.204:
Vi1
LCP:
I
FORCED
CONFACK
len
10
Jul
25
00:03:48.204:
Vi1
LCP:
MRU
1480
（0x010405C8）
Jul
25
00:03:48.204:
Vi1
LCP:
MagicNumber
0x082D5DCE
（0x0506082D5DCE）
Jul
25
00:03:48.204:
Vi1
VPDN:
PPP
LCP
not
accepting
sent
CONFACK
Jul
25
00:03:48.204:
Vi1
VPDN:
Unbind
interface
Jul
25
00:03:48.296:
Vi1
PPP:
No
remote
authentication
for
call-in
Jul
25
00:03:48.560:
Vi1
PPP:
Missed
link
down
notification
Jul
25
00:03:48.560:
Vi1
LCP:
State
is
Closed
Jul
25
00:03:48.560:
Vi1
PPP:
Phase
is
DOWN