1、配置案例:https://www.h3c.com/cn/d_202310/1951320_30005_0.htm#_Toc148622654
2、如图,配置完成后尝试使用inode登录,结果一直连接登录不上。
3、这是debug的结果,求解谢谢!
*Feb 26 16:18:06:036 2024 LAC L2TPV2/7/CONTROL-PKT:
Received Hello packet from port 1701 (length=20, Ns=1, Nr=1). Packet content:
c8 02 00 14 00 00 00 00 00 01 00 01 80 08 00 00
00 00 00 06
*Feb 26 16:18:06:036 2024 LAC L2TPV2/7/ERROR:
Received invalid packet from port 1701, and dropped it.
*Feb 26 16:18:09:035 2024 LAC L2TPV2/7/ERROR:
The packet is invalid, because it is not a SCCRQ or StopCCN packet but the tunnel ID in the packet header is invalid.
*Feb 26 16:18:09:035 2024 LAC L2TPV2/7/CONTROL-PKT:
Received Hello packet from port 1701 (length=20, Ns=1, Nr=1). Packet content:
c8 02 00 14 00 00 00 00 00 01 00 01 80 08 00 00
00 00 00 06
*Feb 26 16:18:09:035 2024 LAC L2TPV2/7/ERROR:
Received invalid packet from port 1701, and dropped it.
*Feb 26 16:18:12:037 2024 LAC L2TPV2/7/ERROR:
The packet is invalid, because it is not a SCCRQ or StopCCN packet but the tunnel ID in the packet header is invalid.
*Feb 26 16:18:12:037 2024 LAC L2TPV2/7/CONTROL-PKT:
Received Hello packet from port 1701 (length=20, Ns=1, Nr=1). Packet content:
c8 02 00 14 00 00 00 00 00 01 00 01 80 08 00 00
00 00 00 06
(0)
最佳答案
您好,Received CDN packet from port 1701 (TunnelID=4621, length=38, Ns=4, Nr=2). Packet content:
LNS侧收到了拆除VA口通知,然后拆除,请排查LAC侧为什么发送该报文
(0)
老师,您看下我下面的评论,加了拓扑和脚本。
老师,您看下我下面的评论,加了拓扑和脚本。
贴分配置,控制连接都没有发起
(0)
老师,您看下我下面的评论,加了拓扑和脚本。
老师,您看下我下面的评论,加了拓扑和脚本。
1、拓扑
2、配置
<LAC>dis cu
#
interface Virtual-Template1
ppp authentication-mode chap domain system
#
interface GigabitEthernet0/0/0
port link-mode route
combo enable copper
ip address 192.168.56.111 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-mode route
combo enable copper
ip address 1.1.2.1 255.255.255.0
pppoe-server bind virtual-template 1
#
ip route-static 0.0.0.0 0 1.1.2.2
#
domain name system
authentication ppp local
#
domain default enable system
#
local-user vpnuser class network
password cipher $c$3$jfXFSfdG+XB0RraBb2CsEaEoOGBpn3oeVw==
service-type ppp
#
l2tp-group 1 mode lac
lns-ip 1.1.2.2
user fullusername vpnuser
tunnel name LAC
tunnel password cipher $c$3$Oci546bblkK68dwtOqr7npzuJm4ZFVuq9Q==
#
l2tp enable
#
return
<LNS>dis cu
#
ip pool aaa 192.168.0.10 192.168.0.20
ip pool aaa gateway 192.168.0.1
#
interface Virtual-Template1
ppp authentication-mode chap domain system
remote address pool aaa
ip address 192.168.0.1 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode route
combo enable copper
ip address 1.1.2.2 255.255.255.0
#
security-zone name Trust
import interface GigabitEthernet1/0/2
#
security-zone name Untrust
import interface GigabitEthernet1/0/1
import interface Virtual-Template1
#
ip route-static 192.168.56.0 24 192.168.0.10
#
domain system
authentication ppp local
#
local-user vpnuser class network
password cipher $c$3$4QWgHLkJ7ygKQY9TXbNf3S6kXWRu+CpKIw==
service-type ppp
authorization-attribute user-role network-operator
#
l2tp-group 1 mode lns
allow l2tp virtual-template 1 remote LAC
tunnel name LNS
tunnel password cipher $c$3$NxXXAlJ59gb2Hb/u3MP3MUKzmAuEdz15AA==
#
l2tp enable
#
security-policy ip
rule 0 name test
action pass
#
return
3、连接(隧道密码加不加都连不上)
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明