1、配置案例:https://www.h3c.com/cn/d_202310/1951320_30005_0.htm#_Toc148622654
2、如图,配置完成后尝试使用inode登录,结果一直连接登录不上。
3、这是debug的结果,求解谢谢!
*Feb 26 16:18:06:036 2024 LAC L2TPV2/7/CONTROL-PKT:
Received Hello packet from port 1701 (length=20, Ns=1, Nr=1). Packet content:
c8 02 00 14 00 00 00 00 00 01 00 01 80 08 00 00
00 00 00 06
*Feb 26 16:18:06:036 2024 LAC L2TPV2/7/ERROR:
Received invalid packet from port 1701, and dropped it.
*Feb 26 16:18:09:035 2024 LAC L2TPV2/7/ERROR:
The packet is invalid, because it is not a SCCRQ or StopCCN packet but the tunnel ID in the packet header is invalid.
*Feb 26 16:18:09:035 2024 LAC L2TPV2/7/CONTROL-PKT:
Received Hello packet from port 1701 (length=20, Ns=1, Nr=1). Packet content:
c8 02 00 14 00 00 00 00 00 01 00 01 80 08 00 00
00 00 00 06
*Feb 26 16:18:09:035 2024 LAC L2TPV2/7/ERROR:
Received invalid packet from port 1701, and dropped it.
*Feb 26 16:18:12:037 2024 LAC L2TPV2/7/ERROR:
The packet is invalid, because it is not a SCCRQ or StopCCN packet but the tunnel ID in the packet header is invalid.
*Feb 26 16:18:12:037 2024 LAC L2TPV2/7/CONTROL-PKT:
Received Hello packet from port 1701 (length=20, Ns=1, Nr=1). Packet content:
c8 02 00 14 00 00 00 00 00 01 00 01 80 08 00 00
00 00 00 06
(0)
最佳答案
您好,Received CDN packet from port 1701 (TunnelID=4621, length=38, Ns=4, Nr=2). Packet content:
LNS侧收到了拆除VA口通知,然后拆除,请排查LAC侧为什么发送该报文
(0)
老师,您看下我下面的评论,加了拓扑和脚本。
老师,您看下我下面的评论,加了拓扑和脚本。
贴分配置,控制连接都没有发起

(0)
老师,您看下我下面的评论,加了拓扑和脚本。
老师,您看下我下面的评论,加了拓扑和脚本。
1、拓扑

2、配置
<LAC>dis cu
#
interface Virtual-Template1
 ppp authentication-mode chap domain system 
#
interface GigabitEthernet0/0/0
 port link-mode route
 combo enable copper
 ip address 192.168.56.111 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-mode route
 combo enable copper
 ip address 1.1.2.1 255.255.255.0
 pppoe-server bind virtual-template 1
#
 ip route-static 0.0.0.0 0 1.1.2.2
#
domain name system
 authentication ppp local
#
 domain default enable system
#
local-user vpnuser class network
 password cipher $c$3$jfXFSfdG+XB0RraBb2CsEaEoOGBpn3oeVw==
 service-type ppp
#
l2tp-group 1 mode lac
 lns-ip 1.1.2.2
 user fullusername vpnuser
 tunnel name LAC
 tunnel password cipher $c$3$Oci546bblkK68dwtOqr7npzuJm4ZFVuq9Q==
#
 l2tp enable
#
return
<LNS>dis cu
#
 ip pool aaa 192.168.0.10 192.168.0.20 
 ip pool aaa gateway 192.168.0.1 
#
interface Virtual-Template1
 ppp authentication-mode chap domain system 
 remote address pool aaa 
 ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
 port link-mode route
 combo enable copper
 ip address 1.1.2.2 255.255.255.0
#
security-zone name Trust
 import interface GigabitEthernet1/0/2
#
security-zone name Untrust
 import interface GigabitEthernet1/0/1
 import interface Virtual-Template1
#
 ip route-static 192.168.56.0 24 192.168.0.10
#
domain system
 authentication ppp local
#
local-user vpnuser class network
 password cipher $c$3$4QWgHLkJ7ygKQY9TXbNf3S6kXWRu+CpKIw==
 service-type ppp
 authorization-attribute user-role network-operator
#
l2tp-group 1 mode lns
 allow l2tp virtual-template 1 remote LAC
 tunnel name LNS
 tunnel password cipher $c$3$NxXXAlJ59gb2Hb/u3MP3MUKzmAuEdz15AA==
#
 l2tp enable
#
security-policy ip
 rule 0 name test
  action pass
#              
return
3、连接(隧道密码加不加都连不上)



(0)
 
	 
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明