Chapter 4: L2TPv2 Troubleshooting Lab Solutions

This section contains solutions for L2TPv2 Troubleshooting Labs 1, 2, and 3. Note that the directory L2TPv2/LabSolution directory contains working configuration files for all routers for your reference.

Troubleshooting Lab 1 Solution

A1:

There is a PPP authentication protocol mismatch between the remote client (TATEBAYASHI@mjlnet.com) and CalCity_LAC. TATEBAYASHI@mjlnet.com is configured to use CHAP, and LODI_NAS1 is configured to use PAP. Reconfigure the PPP authentication protocol to be CHAP on LODI_NAS1 by using the ppp authentication chap command (on interface BRI number). See the section entitled "LCP Negotiation Between the Remote Access Client and the LAC" on page 266 for more information on troubleshooting this issue.

Troubleshooting Lab 2 Solution

A1:

There is a tunnel protocol mismatch between CalCity_LAC and Skydance_LNS. Skydance_LNS is configured to use L2F under vpdn-group 1. Reconfigure the tunnel protocol to be L2TP on Skydance_LNS using the protocol l2tp command under vpdn-group 1. See the "VPDN Protocol Mismatch" section on page 281 for details about troubleshooting this issue. Also configure the terminate-from hostname CalCity_LAC command, as well as an L2TP tunnel password, on Skydance_LNS using the l2tp tunnel password password (in this case, the password is cisco).

Troubleshooting Lab 3 Solution

A1:

In Troubleshooting Lab 3, there is an access list configured on Intermediate1 that is blocking L2TP (UDP port 1701). Remove the access list to resolve this issue. There is also an authentication failure for joebloggs@mjlnet.com on Skydance_LNS (the username jobloggs@mjlnet.com password password command should specify the password cisco). See the section entitled "LCP Negotiation or PPP Authentication Failure on the LNS" on page 299 for more details on troubleshooting this issue.