Discar e acessar : Virtual Private Dialup Network (VPDN)

Balanceamento de carga e Failover L2TP com Multilink PPP

19 Setembro 2015 - Tradução por Computador
Outras Versões: Versão em PDFpdf | Inglês (22 Agosto 2015) | Feedback


Índice


Introdução

Este documento descreve a funcionalidade de usar o Balanceamento de carga e o Failover com protocolo multilink point-to-point (PPP) no protocolo Layer 2 Tunneling Protocol (L2TP).

Pré-requisitos

Requisitos

Os leitores deste documento devem estar cientes destes tópicos:

  • Virtual Private Dial-up Network (VPDN)

  • L2TP

  • PPP

  • PPP MULTILINK

Componentes Utilizados

Este documento não se restringe a versões de software e hardware específicas.

As informações neste documento foram criadas a partir de dispositivos em um ambiente de laboratório específico. Todos os dispositivos utilizados neste documento foram iniciados com uma configuração (padrão) inicial. Se a sua rede estiver ativa, certifique-se de que entende o impacto potencial de qualquer comando.

Convenções

Para obter mais informações sobre convenções de documento, consulte as Convenções de dicas técnicas Cisco.

Background

O Multilink PPP permite a rachadura, recombining e arranjar em sequência das datagramas ao ser executado através dos links de PPP simultâneos múltiplos. Na extremidade transmitir, o Multilink PPP prevê a fragmentação de um pacote único nos pacotes múltiplos a ser transmitidos através dos links de PPP múltiplos. Na extremidade da recepção, o Multilink PPP fornece o pacote remonta dos links de PPP múltiplos de novo em seu pacote original. Para negociar o Multilink, ambos os pares devem concordar que são Multilink-capazes, isto é, capaz de combinar os links do físico múltiplo em um único enlace lógico (referido frequentemente como um “pacote "). A opção do protocolo de controle de link (LCP) usada para indicar que o par é Multilink permitido é a MAX-Receber-Reconstruir-unidade (MRRU).

A tabela abaixo do resultado do debug do software de Cisco IOS� das mostras de dois Multilink-permitiu dispositivos durante os estágios finais da negociação de LCP. Como você pode ver, ambos enviam CONFACKS que contém a opção MRRU que indica que o Multilink estará usado durante esta sessão de PPP. O discriminador de ponto final é incluído igualmente, embora não seja necessário fazer assim.

Nota: O discriminador de ponto final pode ser usado na nomeação do conjunto multilink, embora o comportamento do Cisco IOS Software do padrão seja usar o nome de usuário autenticado somente.

/image/gif/paws/23982/23982a.bmp

Se você encontra a situação onde o L2TP Access Concentrator (LAC) usou o Balanceamento de carga e escavou um túnel os canais B do par do Multilink aos valores-limite do túnel múltiplo, você vê os exemplos por-LNS da relação do mestre do conjunto multilink. O par começa aos pacotes de fragmento e envia estes simultaneamente sobre os enlaces membros. Cada LNS recebe fragmentos e tenta recombine, arranjar em sequência falha e os fragmentos perdidos são relatados. Em consequência, nenhum dados pode ser passado. Nestas circunstâncias, há uma exigência notificar outros LNS envolvidos no Balanceamento de carga sobre o estado dos usuários multilink que são conectados. Para fazer isto, o LNS precisa de ser colocado em um Multilink de Multichassi PPP (MMP) “grupo de pilhas”. Os recursos MMP são baseados nos protocolos do protocolo stack group bidding (SGBP) e do Level 2 Forwarding (L2F) oferecer e na oferta para a posse das chamadas multilink antes do atendimento que está sendo aceitado. O comando vpdn multihop é exigido permitir os pacotes gerados do host remoto para atravessar mais de um túnel.

Quando o LNS recebe uma chamada multilink antes de terminar a autenticação, o username do telecontrole (de que é o padrão do Cisco IOS Software que nomeia para o nome de pacote multilink) está passado sobre ao SGBP. O SGBP fornece um mecanismo perguntando para posse existente de um atendimento dentro do grupo de pilhas. Se o membro de grupo de pilhas que aceita o atendimento não é o proprietário existente, o SGBP usa um processo de leilão para resolver a posse com os outros membros da pilha. Oferecer é para um usuário particular, não a conexão individual. À revelia, o membro de grupo de pilhas que recebe a primeira chamada sempre ganha o processo de leilão e controla a posse de todas as chamadas subsequente desse usuário. Isto é apesar do LNS de terminação (pela configuração, é possível mudar o comportamento do processo de oferta SGBP, para influenciar quem ganhará o processo de leilão e possuirá o atendimento). Quando todos os atendimentos do usuário são desligados, a posse mestra está abandonada. Um atendimento novo do mesmo usuário começa o processo de leilão outra vez com a definição de um mestre novo.

Balanceamento de carga com sequência da conexão de PPP multilink

  1. Um usuário remoto '2500-1' de SoHo coloca uma chamada multilink, canal único, no LAC. Um enlace de PPP é estabelecido.

  2. O LCP é negociado (os MRRU são incluídos no CONFACKS) e informação de túnel é transferido do RAIO com os pontos finais de túnel a ser usados no Balanceamento de carga.

    O ponto final de túnel '10.51.6.59' é selecionado enquanto o primeiro endereço NON-ativo e a conexão são enviados. O túnel e a sessão são estabelecidos.

  3. O LNS cria a interface de acesso virtual 2 para terminar o túnel L2TP. �

    Somente os comandos que começam com ppp, keepalive, MTU, registo e padrão são copiados do virtual-molde. O virtual-template 1 tem o multilink de PPP configurado. A informação de configuração LCP entregada no ICCN é forçada na pilha da interface de acesso virtual PPP (esta inclui o MRRU negociado LAC).

  4. O LNS usa a resposta AVP-33 da autenticação de proxy, entregada no ICCN, para começar o processo de oferta SGBP para todos os conjuntos multilink existentes com o nome '2500-1'.

    Uma oferta pública de compra da pergunta do mastership é enviada para o pacote '2500-1' com a oferta da semente do padrão dos 50 pés. �

    O membro de SGBP '10.51.6.61' responde com uma oferta do mastership de 0 (o mastership é diminuído) porque não há um pacote existente para '2500-1'. �

    '10.51.6.59' (local) é agora mestre para '2500-1'. Um fim da pergunta do mastership está enviado, com o valor da reivindicação da oferta do mastership de 10000 uma vez que a resolução de propriedade está completa.

  5. A authentication e autorização AAA/PPP ocorre então. Uma solicitação de acesso do RAIO é enviada.

  6. A interface de acesso virtual 1 é criada para o mestre do conjunto multilink e clonada do virtual-template 1.

  7. A negociação PPP IPCP termina e está ABERTA declarado, um host que a rota é instalada. Agora o usuário remoto está conectado, e o fluxo de tráfego pode começar.

  8. Devido aos requisitos de largura de banda, o usuário remoto '2500-1' de SoHo coloca uma segunda chamada multilink ao LAC.

  9. O RAIO é perguntado outra vez para a informação de túnel. Conforme a lógica do Balanceamento de carga, o ponto final de túnel NON-ativo seguinte '10.51.6.61' é selecionado. O túnel e a sessão são estabelecidos.

  10. O LNS cria a interface de acesso virtual 1 para terminar o túnel L2TP. �

    O virtual-template 1 é usado para clonar (tem o “multilink de PPP” configurado), a informação de configuração LCP entregada no ICCN é forçado na pilha da interface de acesso virtual PPP (este inclui o MRRU negociado LAC).

  11. A oferta SGBP é começada para todos os conjuntos multilink existentes com o nome '2500-1' enviando uma oferta da pergunta do mastership para o pacote '2500-1' com a oferta da semente do padrão dos 50 pés.

  12. As'10.51.6.59 é já mestre para '2500-1' que a oferta da sociedade tem um valor da reivindicação de 10000. �

    '10.51.6.61' agora para a frente a conexão PPP a '10.51.6.59'.

    Um túnel L2F é aberto de '10.51.6.61' a '10.51.6.59' (o protocolo de tunelamento do padrão para o Multilink de Multichassi PPP é L2F).

    O túnel é autenticado usando o nome de usuário de grupo SGBP “MULTIHOP”. O túnel e a sessão L2F são abertos.

  13. A sessão de PPP é L2F enviada a '10.51.6.59'. A interface de acesso virtual 3 é criada para terminar o túnel L2F e clonada do virtual-template 1.

  14. O estado negociado LAC LCP replayed na pilha do acesso virtual PPP, e inclui a opção concordada MRRU.

  15. A authentication e autorização AAA/PPP ocorre então. Uma solicitação de acesso do RAIO é enviada.

  16. A autenticação é terminada e a interface de acesso virtual 3 é adicionada ao mestre do conjunto multilink.

/image/gif/paws/23982/23982b.bmp

Testes de laboratório - Balanceamento de carga LNS com Multilink PPP

Perfil de RADIUS

Este documento usa este perfil do usuário RADIUS e do túnel no servidor RADIUS da Merit 3.6B:

2500-1 Password = "cisco" 
Service-Type = Framed,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.255
dnis:614629 Password = "cisco"
Service-Type = Outbound,
Cisco:Avpair = "vpdn:tunnel-type=l2tp",
Cisco:Avpair = "vpdn:tunnel-id=hgw",
Cisco:Avpair = "vpdn:ip-addresses=10.51.6.61,10.51.6.59",
Cisco:Avpair = "vpdn:l2tp-tunnel-password=hello"

Configuração de LAC

Configuração de LAC mesmos que a configuração precedente.

LNS - Configuração para o MULTIHOP de Stackgroup (10.51.6.59 e 10.51.6.61)

hostname nsa-7200-2 (10.51.6.61)
username MULTIHOP password 0 cisco

!--- The stack name/password is used to authenticate the SGBP connections between 
!--- all member routers. As RADIUS has no concept of SendAuth , the stack name 
!--- password needs to be defined locally.

sgbp group MULTIHOP

!--- The stack group is given a unique username, the name 'MULTIHOP' must be 
!--- unique within a domain and only one stack group is allowed per router.

sgbp member nsa-7200-3 10.51.6.59

!--- The stack member '10.51.6.59' is defined.

vpdn multihop

!--- Enables the LNS to forward Multilink PPP links to Stack Group members that 
!--- already own existing bundle Masters for that session.

multilink virtual-template 1

!--- The Multilink Bundle Interface will clone from the Virtual Template 1.

interface Virtual-Template1
ip unnumbered Ethernet3/0
peer default ip address pool default
ppp authentication chap vpdn
ppp authorization vpdn
ppp chap hostname nsa-7200-2
ppp multilink
hostname nsa-7200-3 (10.51.6.59)
!
username MULTIHOP password 0 cisco
!
sgbp group MULTIHOP
sgbp member nsa-7200-2 10.51.6.61
vpdn multihop
!
multilink virtual-template 1
!
interface Virtual-Template1
ip unnumbered Ethernet3/0
peer default ip address pool default
ppp authentication chap vpdn
ppp authorization vpdn
ppp chap hostname nsa-7200-3
ppp multilink

Debugar tomado do LAC

Jan 1 00:01:01.039: %LINK-3-UPDOWN: Interface Serial0:0, 
changed state to up
Jan 1 00:01:01.235: Se0:0 PPP: Treating connection as a callin
Jan 1 00:01:01.235: Se0:0 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:01.239: Se0:0 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:01.239: Se0:0 LCP: State is Listen
Jan 1 00:01:01.239: Se0:0 LCP: I CONFREQ [Listen] id 22 len 23
Jan 1 00:01:01.239: Se0:0 LCP: MagicNumber 0x31BFC605 (0x050631BFC605)
Jan 1 00:01:01.239: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.239: Se0:0 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:01.239: Se0:0 LCP: O CONFREQ [Listen] id 27 len 28
Jan 1 00:01:01.239: Se0:0 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:01.239: Se0:0 LCP: MagicNumber 0x15C13318 (0x050615C13318)
Jan 1 00:01:01.239: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.239: Se0:0 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:01.239: Se0:0 LCP: O CONFACK [Listen] id 22 len 23
Jan 1 00:01:01.239: Se0:0 LCP: MagicNumber 0x31BFC605 (0x050631BFC605)
Jan 1 00:01:01.239: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.239: Se0:0 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:01.287: Se0:0 LCP: I CONFACK [ACKsent] id 27 len 28
Jan 1 00:01:01.287: Se0:0 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:01.287: Se0:0 LCP: MagicNumber 0x15C13318 (0x050615C13318)
Jan 1 00:01:01.287: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.287: Se0:0 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:01.287: Se0:0 LCP: State is Open
Jan 1 00:01:01.287: Se0:0 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:01.287: Se0:0 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:01.287: Se0:0 CHAP: O CHALLENGE id 17 len 27 from "5300-1"
Jan 1 00:01:01.315: Se0:0 CHAP: I RESPONSE id 17 len 27 from "2500-1"
Jan 1 00:01:01.315: Se0:0 PPP: Phase is FORWARDING
Jan 1 00:01:01.315: Se0:0 VPDN: Got DNIS string 614629
Jan 1 00:01:01.315: Se0:0 VPDN: Looking for tunnel -- dnis:614629 --
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): Port='Serial0:0' 
list='default' service=NET
Jan 1 00:01:01.315: AAA/AUTHOR/VPDN: Serial0:0 (552916761) user='dnis:614629'
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): send AV service=ppp
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): send AV protocol=vpdn
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): found list "default"
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): Method=NSA_LAB (radius)
Jan 1 00:01:01.319: RADIUS: Initial Transmit Serial0:0 id 34 10.51.6.3:1645, 
Access-Request, len 112
Jan 1 00:01:01.319: Attribute 4 6 0A330644
Jan 1 00:01:01.319: Attribute 5 6 00000000
Jan 1 00:01:01.319: Attribute 26 17 00000009020B5365
Jan 1 00:01:01.319: Attribute 61 6 00000002
Jan 1 00:01:01.319: Attribute 1 13 646E6973
Jan 1 00:01:01.319: Attribute 30 8 36313436
Jan 1 00:01:01.319: Attribute 31 12 32303835
Jan 1 00:01:01.319: Attribute 2 18 B8DE6FA3
Jan 1 00:01:01.319: Attribute 6 6 00000005
Jan 1 00:01:01.323: RADIUS: Received from id 34 10.51.6.3:1645, 
Access-Accept, len 167
Jan 1 00:01:01.323: Attribute 6 6 00000005
Jan 1 00:01:01.323: Attribute 26 29 0000000901177670
Jan 1 00:01:01.323: Attribute 26 26 0000000901147670
Jan 1 00:01:01.323: Attribute 26 47 0000000901297670
Jan 1 00:01:01.327: Attribute 26 39 0000000901217670
Jan 1 00:01:01.327: RADIUS: saved authorization data for user 620DAD68 
at 619E9BC0
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:tunnel-type=l2tp"
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:tunnel-id=hgw"
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:ip-addresses=
10.51.6.61,10.51.6.59"
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:l2tp-tunnel-password=hello"
Jan 1 00:01:01.327: AAA/AUTHOR (552916761): Post authorization status 
= PASS_ADD
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV service=ppp
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV protocol=vpdn
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV tunnel-type=l2tp
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV tunnel-id=hgw
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV ip-addresses=
10.51.6.61,10.51.6.59
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV l2tp-tunnel-password=hello
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: Got tunnel info for dnis:614629
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: LAC hgw
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: l2tp-busy-disconnect yes
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: l2tp-tunnel-password xxxxxx
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: 2 IP addresses
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: IP 10.51.6.61 Priority 1
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: IP 10.51.6.59 Priority 1
Jan 1 00:01:01.331: Se0:0 VPDN/: curlvl 1 Address 1: 10.51.6.59, priority 1 
Jan 1 00:01:01.331: Se0:0 VPDN/: Select non-active address 10.51.6.59, 
priority 1
Jan 1 00:01:01.331: Se0:0 VPDN: Find LNS process created
Jan 1 00:01:01.331: Tnl 5105 L2TP: SM State idle
Jan 1 00:01:01.331: Tnl 5105 L2TP: O SCCRQ 
Jan 1 00:01:01.331: Tnl 5105 L2TP: Tunnel state change from idle to 
wait-ctl-reply
Jan 1 00:01:01.331: Tnl 5105 L2TP: SM State wait-ctl-reply
Jan 1 00:01:01.331: Se0:0 VPDN: Forward to address 10.51.6.59
Jan 1 00:01:01.331: Se0:0 VPDN: Pending
Jan 1 00:01:01.331: Se0:0 VPDN: Process created
Jan 1 00:01:01.335: Tnl 5105 L2TP: I SCCRP from l2tp-gw
Jan 1 00:01:01.335: Tnl 5105 L2TP: Got a challenge from remote peer, 
l2tp-gw
Jan 1 00:01:01.335: Tnl 5105 L2TP: Got a response from remote peer, 
l2tp-gw
Jan 1 00:01:01.335: Tnl 5105 L2TP: Tunnel Authentication success
Jan 1 00:01:01.339: Tnl 5105 L2TP: Tunnel state change from 
wait-ctl-reply to established
Jan 1 00:01:01.339: Tnl 5105 L2TP: O SCCCN to l2tp-gw tnlid 24230
Jan 1 00:01:01.339: Tnl 5105 L2TP: SM State established
Jan 1 00:01:01.339: Se0:0 VPDN: Forwarding...
Jan 1 00:01:01.339: Tnl/Cl 5105/18 L2TP: Session FS enabled
Jan 1 00:01:01.339: Tnl/Cl 5105/18 L2TP: Session state change from idle 
to wait-for-tunnel
Jan 1 00:01:01.339: Se0:0 Tnl/Cl 5105/18 L2TP: Create session
Jan 1 00:01:01.339: Tnl 5105 L2TP: SM State established
Jan 1 00:01:01.339: Se0:0 Tnl/Cl 5105/18 L2TP: O ICRQ to l2tp-gw 24230/0
Jan 1 00:01:01.339: Se0:0 Tnl/Cl 5105/18 L2TP: Session state change from 
wait-for-tunnel to wait-reply
Jan 1 00:01:01.339: Se0:0 VPDN: 2500-1 is forwarded
Jan 1 00:01:01.343: Se0:0 Tnl/Cl 5105/18 L2TP: O ICCN to l2tp-gw 24230/41
Jan 1 00:01:01.347: Se0:0 Tnl/Cl 5105/18 L2TP: Session state change from 
wait-reply to established
Jan 1 00:01:02.343: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:0, 
changed state to up

!--- Second Multilink Call is placed by the remote user.

Jan 1 00:01:03.123: %LINK-3-UPDOWN: Interface Serial0:1, 
changed state to up
Jan 1 00:01:03.127: %ISDN-6-CONNECT: Interface Serial0:0 
is now connected to 2085730592 2500-1
Jan 1 00:01:03.351: Se0:1 PPP: Treating connection as a callin
Jan 1 00:01:03.351: Se0:1 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:03.351: Se0:1 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:03.351: Se0:1 LCP: State is Listen
Jan 1 00:01:03.351: Se0:1 LCP: I CONFREQ [Listen] id 3 len 23
Jan 1 00:01:03.351: Se0:1 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:03.351: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.351: Se0:1 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:03.351: Se0:1 LCP: O CONFREQ [Listen] id 3 len 28
Jan 1 00:01:03.351: Se0:1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:03.351: Se0:1 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:03.351: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.351: Se0:1 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:03.355: Se0:1 LCP: O CONFACK [Listen] id 3 len 23
Jan 1 00:01:03.355: Se0:1 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:03.355: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.355: Se0:1 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:03.403: Se0:1 LCP: I CONFACK [ACKsent] id 3 len 28
Jan 1 00:01:03.403: Se0:1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:03.403: Se0:1 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:03.403: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.403: Se0:1 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:03.403: Se0:1 LCP: State is Open
Jan 1 00:01:03.403: Se0:1 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:03.403: Se0:1 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:03.407: Se0:1 CHAP: O CHALLENGE id 3 len 27 from "5300-1"
Jan 1 00:01:03.435: Se0:1 CHAP: I RESPONSE id 3 len 27 from "2500-1"
Jan 1 00:01:03.435: Se0:1 PPP: Phase is FORWARDING
Jan 1 00:01:03.435: Se0:1 VPDN: Got DNIS string 614629
Jan 1 00:01:03.435: Se0:1 VPDN: Looking for tunnel -- dnis:614629 --
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): Port='Serial0:1' 
list='default' service=NET
Jan 1 00:01:03.435: AAA/AUTHOR/VPDN: Serial0:1 (4201608973) user='dnis:614629'
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): send AV service=ppp
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): send AV protocol=vpdn
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): found list "default"
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): Method=NSA_LAB (radius)
Jan 1 00:01:03.439: RADIUS: Initial Transmit Serial0:1 id 35 10.51.6.3:1645, 
Access-Request, len 112
Jan 1 00:01:03.439: Attribute 4 6 0A330644
Jan 1 00:01:03.439: Attribute 5 6 00000001
Jan 1 00:01:03.439: Attribute 26 17 00000009020B5365
Jan 1 00:01:03.439: Attribute 61 6 00000002
Jan 1 00:01:03.439: Attribute 1 13 646E6973
Jan 1 00:01:03.439: Attribute 30 8 36313436
Jan 1 00:01:03.439: Attribute 31 12 32303835
Jan 1 00:01:03.439: Attribute 2 18 0FC856FB
Jan 1 00:01:03.439: Attribute 6 6 00000005
Jan 1 00:01:03.443: RADIUS: Received from id 35 10.51.6.3:1645, 
Access-Accept, len 167
Jan 1 00:01:03.443: Attribute 6 6 00000005
Jan 1 00:01:03.443: Attribute 26 29 0000000901177670
Jan 1 00:01:03.443: Attribute 26 26 0000000901147670
Jan 1 00:01:03.443: Attribute 26 47 0000000901297670
Jan 1 00:01:03.443: Attribute 26 39 0000000901217670
Jan 1 00:01:03.443: RADIUS: saved authorization data for user 
62127900 at 61CD10A0
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:tunnel-type=l2tp"
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:tunnel-id=hgw"
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:ip-addresses=
10.51.6.61,10.51.6.59"
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:l2tp-tunnel-password=hello"
Jan 1 00:01:03.443: AAA/AUTHOR (4201608973): Post authorization status 
= PASS_ADD
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV service=ppp
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV protocol=vpdn
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV tunnel-type=l2tp
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV tunnel-id=hgw
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV ip-addresses=
10.51.6.61,10.51.6.59
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV l2tp-tunnel-password=hello
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: Got tunnel info for dnis:614629
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: LAC hgw
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: l2tp-busy-disconnect yes
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: l2tp-tunnel-password xxxxxx
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: 2 IP addresses
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: IP 10.51.6.61 Priority 1
Jan 1 00:01:03.447: Se0:1 VPDN/RPMS/: IP 10.51.6.59 Priority 1
Jan 1 00:01:03.447: Se0:1 VPDN/: curlvl 1 Address 1: 10.51.6.59, priority 1 
Jan 1 00:01:03.447: Se0:1 VPDN/: curlvl 1 Address 0: 10.51.6.61, priority 1 
Jan 1 00:01:03.447: Se0:1 VPDN/: Select non-active address 10.51.6.61, 
priority 1
Jan 1 00:01:03.447: Se0:1 VPDN: Find LNS process created
Jan 1 00:01:03.447: Tnl 49388 L2TP: SM State idle
Jan 1 00:01:03.447: Tnl 49388 L2TP: O SCCRQ 
Jan 1 00:01:03.447: Tnl 49388 L2TP: Tunnel state change from idle to 
wait-ctl-reply
Jan 1 00:01:03.447: Tnl 49388 L2TP: SM State wait-ctl-reply
Jan 1 00:01:03.447: Se0:1 VPDN: Forward to address 10.51.6.61
Jan 1 00:01:03.447: Se0:1 VPDN: Pending
Jan 1 00:01:03.447: Se0:1 VPDN: Process created
Jan 1 00:01:03.451: Tnl 49388 L2TP: I SCCRP from l2tp-gw
Jan 1 00:01:03.451: Tnl 49388 L2TP: Got a challenge from remote peer, 
l2tp-gw
Jan 1 00:01:03.451: Tnl 49388 L2TP: Got a response from remote peer, 
l2tp-gw
Jan 1 00:01:03.451: Tnl 49388 L2TP: Tunnel Authentication success
Jan 1 00:01:03.451: Tnl 49388 L2TP: Tunnel state change from 
wait-ctl-reply to established
Jan 1 00:01:03.451: Tnl 49388 L2TP: O SCCCN to l2tp-gw tnlid 43591
Jan 1 00:01:03.455: Tnl 49388 L2TP: SM State established
Jan 1 00:01:03.455: Se0:1 VPDN: Forwarding...
Jan 1 00:01:03.455: Tnl/Cl 49388/19 L2TP: Session FS enabled
Jan 1 00:01:03.455: Tnl/Cl 49388/19 L2TP: Session state change from 
idle to wait-for-tunnel
Jan 1 00:01:03.455: Se0:1 Tnl/Cl 49388/19 L2TP: Create session
Jan 1 00:01:03.455: Tnl 49388 L2TP: SM State established
Jan 1 00:01:03.455: Se0:1 Tnl/Cl 49388/19 L2TP: O ICRQ to l2tp-gw 43591/0
Jan 1 00:01:03.455: Se0:1 Tnl/Cl 49388/19 L2TP: Session state change from 
wait-for-tunnel to wait-reply
Jan 1 00:01:03.455: Se0:1 VPDN: 2500-1 is forwarded
Jan 1 00:01:03.459: Se0:1 Tnl/Cl 49388/19 L2TP: O ICCN to l2tp-gw 43591/19
Jan 1 00:01:03.463: Se0:1 Tnl/Cl 49388/19 L2TP: Session state change from 
wait-reply to established
Jan 1 00:01:04.455: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:1, 
changed state to up
Jan 1 00:01:09.127: %ISDN-6-CONNECT: Interface Serial0:1 is now connected to 
2085730592 2500-1

/image/gif/paws/23982/23982c.bmp

Debuga tomado do LNS - 10.51.6.59

Jan 1 00:01:01.783: L2TP: I SCCRQ from hgw tnl 5105
Jan 1 00:01:01.783: Tnl 24230 L2TP: Got a challenge in SCCRQ, hgw
Jan 1 00:01:01.783: Tnl 24230 L2TP: New tunnel created for remote hgw, 
address10.51.6.68
Jan 1 00:01:01.783: Tnl 24230 L2TP: O SCCRP to hgw tnlid 5105
Jan 1 00:01:01.783: Tnl 24230 L2TP: Tunnel state change from idle 
to wait-ctl-reply
Jan 1 00:01:01.787: Tnl 24230 L2TP: I SCCCN from hgw tnl 5105
Jan 1 00:01:01.787: Tnl 24230 L2TP: Got a Challenge Response in SCCCN from hgw
Jan 1 00:01:01.787: Tnl 24230 L2TP: Tunnel Authentication success
Jan 1 00:01:01.787: Tnl 24230 L2TP: Tunnel state change from wait-ctl-reply 
to established
Jan 1 00:01:01.787: Tnl 24230 L2TP: SM State established
Jan 1 00:01:01.791: Tnl 24230 L2TP: I ICRQ from hgw tnl 5105
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: Session FS enabled
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: Session state change from idle 
to wait-connect
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: New session created
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: O ICRP to hgw 5105/18
Jan 1 00:01:01.795: Tnl/Cl 24230/41 L2TP: I ICCN from hgw tnl 5105, cl 18
Jan 1 00:01:01.795: Tnl/Cl 24230/41 L2TP: Session state change from wait-connect 
to established
Jan 1 00:01:01.795: Vi2 VPDN: Virtual interface created for 2500-1
Jan 1 00:01:01.795: Vi2 PPP: Phase is DOWN, Setup
Jan 1 00:01:01.799: Vi2 VTEMPLATE: Has a new cloneblk vtemplate, 
now it has vtemplate
Jan 1 00:01:01.799: Vi2 VTEMPLATE: 
************* CLONE VACCESS2 *****************
Jan 1 00:01:01.799: Vi2 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access2
default ip address
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-3
end
Jan 1 00:01:01.835: %LINK-3-UPDOWN: Interface Virtual-Access2, 
changed state to up
Jan 1 00:01:01.835: Vi2 PPP: Using set call direction
Jan 1 00:01:01.835: Vi2 PPP: Treating connection as a callin
Jan 1 00:01:01.835: Vi2 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:01.835: Vi2 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:01.835: Vi2 LCP: State is Listen
Jan 1 00:01:01.835: Vi2 LCP: I FORCED CONFREQ len 24
Jan 1 00:01:01.835: Vi2 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:01.835: Vi2 LCP: MagicNumber 0x15C13318 (0x050615C13318)
Jan 1 00:01:01.835: Vi2 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.835: Vi2 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:01.835: Vi2 VPDN: PPP LCP accepted rcv CONFACK
Jan 1 00:01:01.835: Vi2 LCP: I FORCED CONFACK len 19
Jan 1 00:01:01.835: Vi2 LCP: MagicNumber 0x31BFC605 (0x050631BFC605)
Jan 1 00:01:01.835: Vi2 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.835: Vi2 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:01.835: Vi2 VPDN: PPP LCP accepted sent CONFACK
Jan 1 00:01:01.835: Vi2 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:01.835: Vi2 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:01.835: Vi2 CHAP: O CHALLENGE id 3 len 31 from "nsa-7200-3"
Jan 1 00:01:01.835: Vi2 CHAP: I RESPONSE id 17 len 27 from "2500-1"
Jan 1 00:01:01.835: Vi2 PPP: Phase is FORWARDING
Jan 1 00:01:01.835: Vi2 VPDN: Looking for tunnel -- --
Jan 1 00:01:01.839: Vi2 VPDN: Looking for tunnel -- --
Jan 1 00:01:01.839: %SGBP-7-NEWL: Local query #53 for 2500-1, count 1, 
ourbid 50
Jan 1 00:01:01.839: Vi2 VPDN: Continue using SGBP for 2500-1
Jan 1 00:01:01.839: Vi2 VPDN: Pending
Jan 1 00:01:01.839: Vi2 VPDN: Process created
Jan 1 00:01:02.091: %SGBP-7-DONE: Query #53 for bundle 2500-1, count 1, 
master is local
Jan 1 00:01:02.091: %SGBP-7-MQB: Bundle: 2500-1 State: Done OurBid: 10000
Jan 1 00:01:02.091: %SGBP-7-PB: 10.51.6.61 State: Rcvd Bid: 000 Retry: 0
Jan 1 00:01:02.091: Vi2 VPDN: Not forwarded
Jan 1 00:01:02.091: Vi2 PPP: Phase is AUTHENTICATING
Jan 1 00:01:02.091: Vi2 CHAP: I RESPONSE id 17 len 27 from "2500-1"
Jan 1 00:01:02.091: AAA/AUTHEN/START (3376880111): port='Virtual-Access2' 
list='vpdn' action=LOGI service=PPP
Jan 1 00:01:02.091: AAA/AUTHEN/START (3376880111): found list vpdn
Jan 1 00:01:02.091: AAA/AUTHEN/START (3376880111): Method=radius (radius)
Jan 1 00:01:02.091: RADIUS: Initial Transmit Virtual-Access2 
id 15 10.51.6.3:1645, Access-Request, len 97
Jan 1 00:01:02.091: Attribute 4 6 0A33063B
Jan 1 00:01:02.091: Attribute 5 6 00000002
Jan 1 00:01:02.091: Attribute 61 6 00000005
Jan 1 00:01:02.091: Attribute 1 8 32353030
Jan 1 00:01:02.091: Attribute 30 8 36313436
Jan 1 00:01:02.091: Attribute 31 12 32303835
Jan 1 00:01:02.091: Attribute 3 19 110F710D
Jan 1 00:01:02.091: Attribute 6 6 00000002
Jan 1 00:01:02.091: Attribute 7 6 00000001
Jan 1 00:01:02.095: RADIUS: Received from id 15 10.51.6.3:1645, 
Access-Accept, len 38
Jan 1 00:01:02.095: Attribute 6 6 00000002
Jan 1 00:01:02.095: Attribute 7 6 00000001
Jan 1 00:01:02.095: Attribute 8 6 FFFFFFFF
Jan 1 00:01:02.095: AAA/AUTHEN (3376880111): status = PASS
Jan 1 00:01:02.095: Vi2 AAA/AUTHOR/LCP: Authorize LCP
Jan 1 00:01:02.095: Vi2 AAA/AUTHOR/LCP (2242497288): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.099: AAA/AUTHOR/LCP: Vi2 (2242497288) user='2500-1'
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): send AV service=ppp
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): send AV protocol=lcp
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): found list "vpdn"
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): Method=radius (radius)
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR (2242497288): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP: Processing AV service=ppp
Jan 1 00:01:02.099: Vi2 CHAP: O SUCCESS id 17 len 4
Jan 1 00:01:02.099: Vi2 PPP: Phase is VIRTUALIZED
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.099: AAA/AUTHOR/MLP: Vi2 (2616761311) user='2500-1'
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): send AV service=ppp
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): send AV protocol=multilink
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): found list "vpdn"
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): Method=radius (radius)
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR (2616761311): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.099: Vi1 VTEMPLATE: Set default settings with ip unnumbered
Jan 1 00:01:02.115: Vi1 VTEMPLATE: Hardware address 0010.0ba5.f800
Jan 1 00:01:02.115: Vi1 PPP: Phase is DOWN, Setup
Jan 1 00:01:02.119: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, 
now it has vtemplate
Jan 1 00:01:02.119: Vi1 VTEMPLATE: 
************* CLONE VACCESS1 *****************
Jan 1 00:01:02.119: Vi1 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access1
default ip address
no ip address
encap ppp
ip unnumbered Ethernet5/0
peer default ip address pool default
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-3
end

Jan 1 00:01:02.179: Vi2 IPCP: Packet buffered while building 
MLP bundle interface
Jan 1 00:01:02.179: %LINK-3-UPDOWN: Interface Virtual-Access1, 
changed state to up
Jan 1 00:01:02.179: Vi1 PPP: Treating connection as a dedicated line
Jan 1 00:01:02.179: Vi1 PPP: Phase is ESTABLISHING, Active Open
Jan 1 00:01:02.179: Vi1 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially
Jan 1 00:01:02.179: Vi1 LCP: O CONFREQ [Closed] id 1 len 32
Jan 1 00:01:02.179: Vi1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:02.179: Vi1 LCP: MagicNumber 0x1F5A340B (0x05061F5A340B)
Jan 1 00:01:02.179: Vi1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:02.179: Vi1 LCP: EndpointDisc 1 Local 
(0x130D016E73612D373230302D33)
Jan 1 00:01:02.179: AAA/AUTHOR/MLP Vi1: Processing AV service=ppp
Jan 1 00:01:02.179: Vi1 VPDN: Virtual interface iteration
Jan 1 00:01:02.179: Vi1 PPP: Phase is UP
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP?
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.179: AAA/AUTHOR/FSM: Vi1 (2530889481) user='2500-1'
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): send AV service=ppp
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): send AV protocol=ip
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): found list "vpdn"
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): Method=radius (radius)
Jan 1 00:01:02.179: RADIUS: allowing negotiated framed address
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR (2530889481): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM: We can start IPCP
Jan 1 00:01:02.183: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
Jan 1 00:01:02.183: Vi1 IPCP: Address 10.51.6.59 (0x03060A33063B)
Jan 1 00:01:02.183: Vi1 MLP: Added first link Vi2 to bundle 2500-1
Jan 1 00:01:02.183: Vi2 IPCP: Redirect packet to Vi1
Jan 1 00:01:02.183: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10
Jan 1 00:01:02.183: Vi1 IPCP: Address 10.10.53.2 (0x03060A0A3502)
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Start. Her address 10.10.53.2, 
we want 0.0.0.0
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.183: AAA/AUTHOR/IPCP: Vi1 (2777739044) user='2500-1'
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): send AV service=ppp
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): send AV protocol=ip
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): send AV addr*10.10.53.2
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): found list "vpdn"
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): Method=radius (radius)
Jan 1 00:01:02.183: RADIUS: allowing negotiated framed address 10.10.53.2
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR (2777739044): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=10.10.53.2
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Done. Her address 10.10.53.2, 
we want 10.10.53.2
Jan 1 00:01:02.183: Vi1 IPCP: O CONFACK [REQsent] id 1 len 10
Jan 1 00:01:02.183: Vi1 IPCP: Address 10.10.53.2 (0x03060A0A3502)
Jan 1 00:01:02.211: Vi1 IPCP: I CONFACK [ACKsent] id 1 len 10
Jan 1 00:01:02.211: Vi1 IPCP: Address 10.51.6.59 (0x03060A33063B)
Jan 1 00:01:02.211: Vi1 IPCP: State is Open
Jan 1 00:01:02.211: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP
Jan 1 00:01:02.211: Vi1 AAA/AUTHOR: IP_UP
Jan 1 00:01:02.211: Vi1 AAA/PER-USER: processing author params.
Jan 1 00:01:02.215: Vi1 IPCP: Install route to 10.10.53.2
Jan 1 00:01:03.099: %LINEPROTO-5-UPDOWN: 
Line protocol on Interface Virtual-Access2, changed state to up
Jan 1 00:01:03.179: %LINEPROTO-5-UPDOWN: 
Line protocol on Interface Virtual-Access1, changed state to up
Jan 1 00:01:04.163: %SGBP-7-NEWP: 
Peer query #54 for 2500-1, count 1, peerbid 50, ourbid 10000
Jan 1 00:01:04.363: %SGBP-7-DONE: 
Query #54 for bundle 2500-1, count 0, master is local
Jan 1 00:01:04.367: L2X: L2F_CONF received
Jan 1 00:01:04.367: Tnl 46 L2F: Received L2F-CONF from MULTIHOP
Jan 1 00:01:04.367: AAA/AUTHEN/START (1546583827): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.367: AAA/AUTHEN/START (1546583827): found list default
Jan 1 00:01:04.367: AAA/AUTHEN/START (1546583827): Method=LOCAL
Jan 1 00:01:04.367: AAA/AUTHEN (1546583827): status = PASS
Jan 1 00:01:04.367: AAA/AUTHEN/START (3291965384): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.367: AAA/AUTHEN/START (3291965384): found list default
Jan 1 00:01:04.367: AAA/AUTHEN/START (3291965384): Method=LOCAL
Jan 1 00:01:04.367: AAA/AUTHEN (3291965384): status = PASS
Jan 1 00:01:04.367: Tnl 46 L2F: 
Opened UDP socket to 10.51.6.61 using source 10.51.6.59
Jan 1 00:01:04.367: Tnl 46 L2F: 
Tunnel MULTIHOP state change from closed state opening
Jan 1 00:01:04.367: Tnl 46 L2F: Sending L2F-CONF to peer
Jan 1 00:01:04.375: Tnl 46 L2F: L2F_OPEN received
Jan 1 00:01:04.375: Tnl 46 L2F: 
OPEN from MULTIHOP received for tunnel in state opening
Jan 1 00:01:04.375: AAA/AUTHEN/START (3210024667): 
port='' list='default' action=LOGIN service=PPP
Jan 1 00:01:04.375: AAA/AUTHEN/START (3210024667): found list default
Jan 1 00:01:04.375: AAA/AUTHEN/START (3210024667): Method=LOCAL
Jan 1 00:01:04.375: AAA/AUTHEN (3210024667): status = PASS
Jan 1 00:01:04.375: VPDN: Chap authentication succeeded for MULTIHOP
Jan 1 00:01:04.375: Tnl 46 L2F: 
Tunnel MULTIHOP state change from opening state open
Jan 1 00:01:04.375: Tnl 46 L2F: Replying to MULTIHOP with L2F-OPEN
Jan 1 00:01:04.379: Tnl 46 L2F: L2F_OPEN received
Jan 1 00:01:04.379: Tnl 46 L2F: New OPEN received for Session 12
Jan 1 00:01:04.379: 2500-1Tnl/Cl 46/12 L2F: 
Session state change from closed to opening
Jan 1 00:01:04.379: Vi3 VTEMPLATE: Hardware address 0010.0ba5.f800
Jan 1 00:01:04.379: Vi3 VPDN: 
Virtual interface created for 2500-1 bandwidth 64 Kbps
Jan 1 00:01:04.379: Vi3 PPP: Phase is DOWN, Setup
Jan 1 00:01:04.379: Vi3 VTEMPLATE: 
Has a new cloneblk vtemplate, now it has vtemplate
Jan 1 00:01:04.379: Vi3 VTEMPLATE: 
************* CLONE VACCESS3 *****************
Jan 1 00:01:04.379: Vi3 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access3
default ip address
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-3
end

Jan 1 00:01:04.419: %LINK-3-UPDOWN: Interface Virtual-Access3, 
changed state to up
Jan 1 00:01:04.419: Vi3 PPP: Using set call direction
Jan 1 00:01:04.419: Vi3 PPP: Treating connection as a callin
Jan 1 00:01:04.419: Vi3 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:04.419: Vi3 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:04.419: Vi3 LCP: State is Listen
Jan 1 00:01:04.419: Vi3 LCP: I FORCED CONFREQ len 24
Jan 1 00:01:04.419: Vi3 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:04.419: Vi3 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:04.419: Vi3 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.419: Vi3 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:04.419: Vi3 VPDN: PPP LCP accepted rcv CONFACK
Jan 1 00:01:04.419: Vi3 LCP: I FORCED CONFACK len 19
Jan 1 00:01:04.419: Vi3 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:04.419: Vi3 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.419: Vi3 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:04.419: Vi3 VPDN: PPP LCP accepted sent CONFACK
Jan 1 00:01:04.419: Vi3 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:04.419: Vi3 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:04.419: Vi3 CHAP: O CHALLENGE id 3 len 31 from "nsa-7200-3"
Jan 1 00:01:04.419: Vi3 Tnl/Cl 46/12 L2F: 
Transfer NAS-Rate L2F/64000/64000 to LCP
Jan 1 00:01:04.419: Vi3 CHAP: I RESPONSE id 3 len 27 from "2500-1"
Jan 1 00:01:04.419: Vi3 PPP: Phase is FORWARDING
Jan 1 00:01:04.423: Vi3 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.423: Vi3 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.423: Vi3 VPDN: Multihop illegal for Multichassis Multilink

!--- This debug message is generated as the Cisco IOS software checks to see 
!--- if the second and first hops are already an existing Multichassis tunnel.
!--- If so, the tunnel is disallowed.

Jan 1 00:01:04.423: Vi3 VPDN: Continue PPP authentication for 2500-1
Jan 1 00:01:04.423: Vi3 PPP: Phase is AUTHENTICATING
Jan 1 00:01:04.423: Vi3 Tnl/Cl 46/12 L2F: Created VA for Mid, 
Replying with OPEN
Jan 1 00:01:04.423: Vi3 Tnl/Cl 46/12 L2F: 
Session state change from opening to open
Jan 1 00:01:04.423: AAA/AUTHEN/START (578160697): 
port='Virtual-Access3' list='vpdn' action=LOGIN service=PPP
Jan 1 00:01:04.423: AAA/AUTHEN/START (578160697): found list vpdn
Jan 1 00:01:04.423: AAA/AUTHEN/START (578160697): Method=radius (radius)
Jan 1 00:01:04.423: RADIUS: Initial Transmit Virtual-Access3
 id 16 10.51.6.3:1645, Access-Request, len 97
Jan 1 00:01:04.423: Attribute 4 6 0A33063B
Jan 1 00:01:04.423: Attribute 5 6 00000003
Jan 1 00:01:04.423: Attribute 61 6 00000005
Jan 1 00:01:04.423: Attribute 1 8 32353030
Jan 1 00:01:04.423: Attribute 30 8 36313436
Jan 1 00:01:04.423: Attribute 31 12 32303835
Jan 1 00:01:04.423: Attribute 3 19 03A99FFB
Jan 1 00:01:04.423: Attribute 6 6 00000002
Jan 1 00:01:04.423: Attribute 7 6 00000001
Jan 1 00:01:04.427: RADIUS: Received from id 16 10.51.6.3:1645, 
Access-Accept,len 38
Jan 1 00:01:04.427: Attribute 6 6 00000002
Jan 1 00:01:04.427: Attribute 7 6 00000001
Jan 1 00:01:04.427: Attribute 8 6 FFFFFFFF
Jan 1 00:01:04.427: AAA/AUTHEN (578160697): status = PASS
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP: Authorize LCP
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): Port='Virtual-Access3' 
list='vpdn' service=NET
Jan 1 00:01:04.427: AAA/AUTHOR/LCP: Vi3 (2032781798) user='2500-1'
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): send AV service=ppp
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): send AV protocol=lcp
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): found list "vpdn"
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): Method=radius (radius)
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR (2032781798): 
Post authorization status = PASS_REPL
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP: Processing AV service=ppp
Jan 1 00:01:04.427: Vi3 CHAP: O SUCCESS id 3 len 4
Jan 1 00:01:04.427: Vi3 PPP: Phase is VIRTUALIZED
Jan 1 00:01:04.427: Vi1 MLP: Added link Vi3 to bundle 2500-1
Jan 1 00:01:04.491: %SGBP-7-MQB: Bundle: 2500-1 State: Done OurBid:10000
Jan 1 00:01:04.491: %SGBP-7-PB: 10.51.6.61 State: Closed Bid: 050 Retry: 1
Jan 1 00:01:05.427: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, 
changed state to up

/image/gif/paws/23982/23982d.bmp

Debuga tomado do LNS - 10.51.6.61

Jan 1 00:01:02.399: %SGBP-7-NEWP: Peer query #53 for 2500-1, 
count 1, peerbid 5 0, ourbid 0
Jan 1 00:01:04.411: L2TP: I SCCRQ from hgw tnl 49388
Jan 1 00:01:04.411: Tnl 43591 L2TP: Got a challenge in SCCRQ, hgw
Jan 1 00:01:04.411: Tnl 43591 L2TP: New tunnel created for remote hgw, 
address 10.51.6.68
Jan 1 00:01:04.411: Tnl 43591 L2TP: O SCCRP to hgw tnlid 49388
Jan 1 00:01:04.411: Tnl 43591 L2TP: Tunnel state change from idle to 
wait-ctl-reply
Jan 1 00:01:04.415: Tnl 43591 L2TP: I SCCCN from hgw tnl 49388
Jan 1 00:01:04.415: Tnl 43591 L2TP: Got a Challenge Response in SCCCN from hgw
Jan 1 00:01:04.415: Tnl 43591 L2TP: Tunnel Authentication success
Jan 1 00:01:04.415: Tnl 43591 L2TP: Tunnel state change from wait-ctl-reply 
to established
Jan 1 00:01:04.415: Tnl 43591 L2TP: SM State established
Jan 1 00:01:04.419: Tnl 43591 L2TP: I ICRQ from hgw tnl 49388
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: Session FS enabled
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: Session state change from idle 
to wait-connect
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: New session created
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: O ICRP to hgw 49388/19
Jan 1 00:01:04.423: Tnl/Cl 43591/19 L2TP: I ICCN from hgw tnl 49388, cl 19
Jan 1 00:01:04.423: Tnl/Cl 43591/19 L2TP: Session state change from 
wait-connect to established
Jan 1 00:01:04.423: Vi1 VTEMPLATE: Hardware address 0090.b121.0c00
Jan 1 00:01:04.423: Vi1 VPDN: Virtual interface created for 2500-1
Jan 1 00:01:04.423: Vi1 PPP: Phase is DOWN, Setup
Jan 1 00:01:04.423: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, 
now it has vtemplate
Jan 1 00:01:04.423: Vi1 VTEMPLATE: 
************* CLONE VACCESS1 *****************
Jan 1 00:01:04.423: Vi1 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access1
default ip address
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-2
end

Jan 1 00:01:04.479: %LINK-3-UPDOWN: Interface Virtual-Access1, 
changed state to up
Jan 1 00:01:04.479: Vi1 PPP: Using set call direction
Jan 1 00:01:04.479: Vi1 PPP: Treating connection as a callin
Jan 1 00:01:04.479: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:04.479: Vi1 CHAP: Using alternate hostname nsa-7200-2
Jan 1 00:01:04.479: Vi1 LCP: State is Listen
Jan 1 00:01:04.479: Vi1 VPDN: Bind interface direction=2
Jan 1 00:01:04.479: Vi1 LCP: I FORCED CONFREQ len 24
Jan 1 00:01:04.479: Vi1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:04.479: Vi1 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:04.479: Vi1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.479: Vi1 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:04.479: Vi1 VPDN: PPP LCP accepted rcv CONFACK
Jan 1 00:01:04.479: Vi1 LCP: I FORCED CONFACK len 19
Jan 1 00:01:04.479: Vi1 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:04.479: Vi1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.479: Vi1 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:04.479: Vi1 VPDN: PPP LCP accepted sent CONFACK
Jan 1 00:01:04.479: Vi1 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:04.483: Vi1 CHAP: O CHALLENGE id 3 len 31 from "nsa-7200-2"
Jan 1 00:01:04.483: Vi1 CHAP: I RESPONSE id 3 len 27 from "2500-1"
Jan 1 00:01:04.483: Vi1 PPP: Phase is FORWARDING
Jan 1 00:01:04.483: Vi1 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.483: Vi1 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.483: %SGBP-7-NEWL: Local query #54 for 2500-1, count 1,
 ourbid 50
Jan 1 00:01:04.483: Vi1 VPDN: Continue using SGBP for 2500-1
Jan 1 00:01:04.483: Vi1 VPDN: Pending
Jan 1 00:01:04.483: Vi1 VPDN: Process created
Jan 1 00:01:04.875: %SGBP-7-DONE: Query #54 for bundle 2500-1, count 1, 
master is 10.51.6.59
Jan 1 00:01:04.875: %SGBP-7-MQB: Bundle: 2500-1 State: Done OurBid: 050
Jan 1 00:01:04.875: %SGBP-7-PB: 10.51.6.59 State: Closed Bid: 10000 Retry: 0
Jan 1 00:01:04.875: Vi1 VPDN: Forwarding...
Jan 1 00:01:04.875: Vi1 Tnl/Cl 46/12 L2F: 
Session_create: Tunnel in closed state
Jan 1 00:01:04.875: Tnl 46 L2F: 
UDP socket opened to 10.51.6.59 using source 10.51.6.61
Jan 1 00:01:04.875: Tnl 46 L2F: 
Tunnel MULTIHOP state change from closed stateopening
Jan 1 00:01:04.875: Vi1 Tnl/Cl 46/12 L2F: 
Session state change from closed to waiting_for_tunnel
Jan 1 00:01:04.875: Vi1 Tnl/Cl 46/12 L2F: 
Session_create: Closed Tunnel being Re-Opened
Jan 1 00:01:04.875: Vi1 VPDN: 2500-1 is forwarded
Jan 1 00:01:04.879: Tnl 46 L2F: L2F_CONF received
Jan 1 00:01:04.879: Tnl 46 L2F: Received L2F-CONF from MULTIHOP
Jan 1 00:01:04.879: AAA/AUTHEN/START (3039224583): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.883: AAA/AUTHEN/START (3039224583): found list default
Jan 1 00:01:04.883: AAA/AUTHEN/START (3039224583): Method=LOCAL
Jan 1 00:01:04.883: AAA/AUTHEN (3039224583): status = PASS
Jan 1 00:01:04.883: AAA/AUTHEN/START (3797117540): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.883: AAA/AUTHEN/START (3797117540): found list default
Jan 1 00:01:04.883: AAA/AUTHEN/START (3797117540): Method=LOCAL
Jan 1 00:01:04.883: AAA/AUTHEN (3797117540): status = PASS
Jan 1 00:01:04.883: Tnl 46 L2F: 
Tunnel MULTIHOP state change from opening state open
Jan 1 00:01:04.883: Tnl 46 L2F: 
Replying with L2F-OPEN, Tunnel in Open-Wait
Jan 1 00:01:04.887: Tnl 46 L2F: L2F_OPEN received
Jan 1 00:01:04.887: Tnl 46 L2F: OPEN from MULTIHOP 
received for tunnel in state open
Jan 1 00:01:04.887: AAA/AUTHEN/START (228147723): 
port='' list='default' action=LOGIN service=PPP
Jan 1 00:01:04.887: AAA/AUTHEN/START (228147723): found list default
Jan 1 00:01:04.887: AAA/AUTHEN/START (228147723): Method=LOCAL
Jan 1 00:01:04.887: AAA/AUTHEN (228147723): status = PASS
Jan 1 00:01:04.887: VPDN: Chap authentication succeeded for MULTIHOP
Jan 1 00:01:04.887: Tnl 46 L2F: 
Tunnel MULTIHOP state change from open state open
Jan 1 00:01:04.887: Vi1 Tnl/Cl 46/12 L2F: 
Session state change from waiting_for_tunnel to opening
Jan 1 00:01:04.887: Vi1 Tnl/Cl 46/12 L2F: 
Sending OPEN for Open-Waiting Session
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: L2F_OPEN received
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: 
OPEN received for existing session in state opening
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: 
Session state change from opening to open
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: 
MID synced NAS/HG Clid=46/46 Mid=12
Jan 1 00:01:04.935: Vi1 PPP: Phase is FORWARDED
Jan 1 00:01:05.875: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
Virtual-Access1, changed state to up

/image/gif/paws/23982/23982e.bmp

Discussões relacionadas da comunidade de suporte da Cisco

A Comunidade de Suporte da Cisco é um fórum onde você pode perguntar e responder, oferecer sugestões e colaborar com colegas.


Informações Relacionadas


Document ID: 23982