Mailing List Archive

Hi

> We have just closed a deal with our telco to use a DSL
> infrastructure and replace our remote offices which uses the ISDN.
>
> As a starter, We highly appreaciate if someone could send us a
> sample config for the LNS router and a cisco client router.
>
> We just wanted to get some ideas on how the configuration would
look
> like.

We can help if you tell us how you will use the DSL at the client
(PPPoA? PPPoE? PPPoEoA) and how you terminate the users at your LNS
(L2TP, PPPoE, PPPoEoA).

oli

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Hi,

On the LNS, you need to create a VPDN group to terminate
the connection:

vpdn-group Telco-DSL-LNS
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname <Telco-LAC-hostname>
local name Telco-DSL-LNS-hostname
lcp renegotiation always
l2tp tunnel password <tunnel password>
!

As you can see, the VPDN group references a virtual-template, which
is a template for the virtual-access interfaces that will be your
customer's access interfaces. You need to create this virtual template:

interface Virtual-Template1
description Telco DSL
mtu 1492
ip unnumbered Loopback0
no peer default ip address
ppp authentication pap chap ms-chap Telco-DSL-AAA
ppp authorization Telco-DSL-AAA
ppp accounting Telco-DSL-AAA
end

Here, you reference AAA groups, Telco-DSL-AAA, for authentication,
authorization and accounting. This configuration leaves it to
the AAA server (RADIUS/TACACS+) to decide the client's IP address,
if you don't want that, you can remove the "no peer default ip address"
and put in a reference to a local IP pool.
Also, this configuration uses the loopback0's IP address as an IP for
for the virtual access interfaces facing the customers.

You need to create the AAA groups:

aaa authentication ppp Telco-DSL-AAA group Telco-RADIUS
aaa authorization network Telco-DSL-AAA group Telco-RADIUS
aaa accounting network Telco-DSL-AAA start-stop group Telco-RADIUS

The AAA groups all reference the same RADIUS group, Telco-RADIUS:

aaa group server radius Telco-RADIUS
server-private <radius IP 1> auth-port 1812 acct-port 1813 key <key>
server-private <radius IP 2> auth-port 1812 acct-port 1813 key <key>
ip radius source-interface Loopback0
!

That's about it for the LNS. Regarding the client, these might help
you out:

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a00804fd93f.html


On Wed, 2006-01-18 at 18:04 -0500, Neilrey Espino wrote:
>
>
> Hi Guys,
>
> We have just closed a deal with our telco to use a DSL
> infrastructure and replace our remote offices which uses the
> ISDN.
>
> As a starter, We highly appreaciate if someone could send us a
> sample config for the LNS router and a cisco client router.
>
> We just wanted to get some ideas on how the configuration
> would look like.
>
> Many thanks in advance.
> ________________________________
> Neilrey
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Many Thanks Oliver,


The client will be using the PPPoE and it will be terminated using
L2TP.

Neilrey


-----Original Message-----
From: Oliver Boehmer (oboehmer) [mailto:oboehmer@cisco.com]
Sent: Thursday, January 19, 2006 2:38 AM
To: Neilrey Espino; cisco-bba@puck.nether.net
Subject: RE: [cisco-bba] Sample LNS and Client Router configuration


Hi

> We have just closed a deal with our telco to use a DSL
infrastructure
> and replace our remote offices which uses the ISDN.
>
> As a starter, We highly appreaciate if someone could send us a
sample
> config for the LNS router and a cisco client router.
>
> We just wanted to get some ideas on how the configuration would
look
> like.

We can help if you tell us how you will use the DSL at the client
(PPPoA? PPPoE? PPPoEoA) and how you terminate the users at your LNS
(L2TP, PPPoE, PPPoEoA).

oli

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

I will continue to read on,,, Many Thanks for this Kris

________________________________
Neilrey


-----Original Message-----
From: Kristofer Sigurdsson [mailto:kristo@ipf.is]
Sent: Thursday, January 19, 2006 4:39 AM
To: Neilrey Espino
Cc: cisco-bba@puck.nether.net
Subject: Re: [cisco-bba] Sample LNS and Client Router configuration


Hi,

On the LNS, you need to create a VPDN group to terminate
the connection:

vpdn-group Telco-DSL-LNS
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname <Telco-LAC-hostname>
local name Telco-DSL-LNS-hostname
lcp renegotiation always
l2tp tunnel password <tunnel password>
!

As you can see, the VPDN group references a virtual-template, which is a
template for the virtual-access interfaces that will be your customer's
access interfaces. You need to create this virtual template:

interface Virtual-Template1
description Telco DSL
mtu 1492
ip unnumbered Loopback0
no peer default ip address
ppp authentication pap chap ms-chap Telco-DSL-AAA
ppp authorization Telco-DSL-AAA
ppp accounting Telco-DSL-AAA
end

Here, you reference AAA groups, Telco-DSL-AAA, for authentication,
authorization and accounting. This configuration leaves it to the AAA
server (RADIUS/TACACS+) to decide the client's IP address, if you don't
want that, you can remove the "no peer default ip address" and put in a
reference to a local IP pool. Also, this configuration uses the
loopback0's IP address as an IP for for the virtual access interfaces
facing the customers.

You need to create the AAA groups:

aaa authentication ppp Telco-DSL-AAA group Telco-RADIUS
aaa authorization network Telco-DSL-AAA group Telco-RADIUS
aaa accounting network Telco-DSL-AAA start-stop group Telco-RADIUS

The AAA groups all reference the same RADIUS group, Telco-RADIUS:

aaa group server radius Telco-RADIUS
server-private <radius IP 1> auth-port 1812 acct-port 1813 key <key>
server-private <radius IP 2> auth-port 1812 acct-port 1813 key <key>
ip radius source-interface Loopback0
!

That's about it for the LNS. Regarding the client, these might help you
out:

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_
chapter09186a00804fd93f.html


On Wed, 2006-01-18 at 18:04 -0500, Neilrey Espino wrote:
>
>
> Hi Guys,
>
> We have just closed a deal with our telco to use a DSL
> infrastructure and replace our remote offices which uses the
> ISDN.
>
> As a starter, We highly appreaciate if someone could send us a
> sample config for the LNS router and a cisco client router.
>
> We just wanted to get some ideas on how the configuration
> would look like.
>
> Many thanks in advance.
> ________________________________
> Neilrey
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Hi Kristofer,

I got some follow-up questions on the sample config.

1. How Many vpdn group should I create ? Telco gave me 12 vlans looks
like I have 12 tunnel connection to our telco, would this mean I should
configure 12 vpdn's ?
2. The <Telco-LAC-hostname> should this be a hostname or can also be an
IP ?

Thanks in advance.

neilrey


-----Original Message-----
From: Kristofer Sigurdsson [mailto:kristo@ipf.is]
Sent: Thursday, January 19, 2006 4:39 AM
To: Neilrey Espino
Cc: cisco-bba@puck.nether.net
Subject: Re: [cisco-bba] Sample LNS and Client Router configuration


Hi,

On the LNS, you need to create a VPDN group to terminate
the connection:

vpdn-group Telco-DSL-LNS
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname <Telco-LAC-hostname>
local name Telco-DSL-LNS-hostname
lcp renegotiation always
l2tp tunnel password <tunnel password>
!

As you can see, the VPDN group references a virtual-template, which is a
template for the virtual-access interfaces that will be your customer's
access interfaces. You need to create this virtual template:

interface Virtual-Template1
description Telco DSL
mtu 1492
ip unnumbered Loopback0
no peer default ip address
ppp authentication pap chap ms-chap Telco-DSL-AAA
ppp authorization Telco-DSL-AAA
ppp accounting Telco-DSL-AAA
end

Here, you reference AAA groups, Telco-DSL-AAA, for authentication,
authorization and accounting. This configuration leaves it to the AAA
server (RADIUS/TACACS+) to decide the client's IP address, if you don't
want that, you can remove the "no peer default ip address" and put in a
reference to a local IP pool. Also, this configuration uses the
loopback0's IP address as an IP for for the virtual access interfaces
facing the customers.

You need to create the AAA groups:

aaa authentication ppp Telco-DSL-AAA group Telco-RADIUS
aaa authorization network Telco-DSL-AAA group Telco-RADIUS
aaa accounting network Telco-DSL-AAA start-stop group Telco-RADIUS

The AAA groups all reference the same RADIUS group, Telco-RADIUS:

aaa group server radius Telco-RADIUS
server-private <radius IP 1> auth-port 1812 acct-port 1813 key <key>
server-private <radius IP 2> auth-port 1812 acct-port 1813 key <key>
ip radius source-interface Loopback0
!

That's about it for the LNS. Regarding the client, these might help you
out:

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_
chapter09186a00804fd93f.html


On Wed, 2006-01-18 at 18:04 -0500, Neilrey Espino wrote:
>
>
> Hi Guys,
>
> We have just closed a deal with our telco to use a DSL
> infrastructure and replace our remote offices which uses the
> ISDN.
>
> As a starter, We highly appreaciate if someone could send us a
> sample config for the LNS router and a cisco client router.
>
> We just wanted to get some ideas on how the configuration
> would look like.
>
> Many thanks in advance.
> ________________________________
> Neilrey
>
>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba

Hello Neilrey,

On Thu, 2006-01-19 at 10:11 -0500, Neilrey Espino wrote:
> Hi Kristofer,
>
> I got some follow-up questions on the sample config.
>
> 1. How Many vpdn group should I create ? Telco gave me 12 vlans looks
> like I have 12 tunnel connection to our telco, would this mean I should
> configure 12 vpdn's ?

Depends on the Telco config. In most cases, a single group will be
sufficient, as the Telco stuff will simply all connect using the same
VPDN group.

> 2. The <Telco-LAC-hostname> should this be a hostname or can also be an
> IP ?

It's a free-form string. All that matters is that the names match
between you and your Telco. Your terminate-from should match their
local-name.

--
Kristófer Sigurðsson Tel: +354 414 1600
Netrekstur/Network Operations IP Fjarskipti ehf.

_______________________________________________
cisco-bba mailing list
cisco-bba@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba