Здравствуйте.
Пытаюсь настроить l2tp на cisco 870 и 850.
Туннель устанавливается,но пинги не идут.
Куда копать?
Munsera#sh run
Building configuration...
Current configuration : 2390 bytes
!
version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
service password-encryption
!
hostname Munsera
!
boot-start-marker
boot system flash:/c870-advipservicesk9-mz.124-4.T7.bin
boot-end-marker
!
no aaa new-model
!
resource policy
!
ip subnet-zero
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.250
ip dhcp excluded-address 192.168.0.50
ip dhcp excluded-address 192.168.0.253
ip dhcp excluded-address 192.168.0.150
ip dhcp excluded-address 192.168.0.151
ip dhcp excluded-address 192.168.0.152
ip dhcp excluded-address 192.168.0.153
ip dhcp excluded-address 192.168.0.154
ip dhcp excluded-address 192.168.0.155
ip dhcp excluded-address 192.168.0.156
ip dhcp excluded-address 192.168.0.157
ip dhcp excluded-address 192.168.0.158
ip dhcp excluded-address 192.168.0.159
ip dhcp excluded-address 192.168.0.160
!
ip dhcp pool Munsera
network 192.168.0.0 255.255.255.0
dns-server 8.8.8.8
default-router 192.168.0.254
!
!
ip domain name munsera.local
ip ssh authentication-retries 5
ip rcmd rsh-enable
l2tp-class class1
retransmit retries 10
timeout setup 400
!
!
pseudowire-class vlan-xconnect
encapsulation l2tpv3
protocol l2tpv3 class1
ip local interface FastEthernet4
ip pmtu
ip dfbit set
ip tos reflect
!
archive
log config
hidekeys
!
interface Loopback0
no ip address
!
interface FastEthernet0
no cdp enable
xconnect хх.хх.хх.251 123 pw-class vlan-xconnect
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
mac-address 001d.7d9f.8299
ip address dhcp
no ip redirects
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface Vlan1
description -=LAN=-
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly
!
no ip classless
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
no ip http server
no ip http secure-server
ip nat inside source list 150 interface FastEthernet4 overload
!
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 150 permit ip 192.168.0.0 0.0.0.255 any
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
login local
transport input telnet ssh
!
no scheduler max-task-time
end
MO-Zhitnevo-RTR1#sh run
Building configuration...
Current configuration : 1995 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MO-Zhitnevo-RTR1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$IyN1$P7QEFW5DN6ijXYsTb5Q4O0
!
aaa new-model
!
!
aaa authentication login local_auth local
aaa authentication login userlist local
aaa authorization network admin-vpn local
!
!
aaa session-id common
!
!
dot11 syslog
!
!
ip cef
no ip domain lookup
ip domain name zhinevo.loc
ip name-server 194.85.12.10
ip name-server 212.44.130.6
l2tp-class class1
retransmit retries 10
timeout setup 400
!
!
archive
log config
hidekeys
!
!
ip ssh authentication-retries 5
ip rcmd rsh-enable
pseudowire-class vlan-xconnect
encapsulation l2tpv3
protocol l2tpv3 class1
ip local interface FastEthernet4
ip pmtu
ip dfbit set
ip tos reflect
!
!
!
!
interface Loopback0
no ip address
!
interface FastEthernet0
no cdp enable
xconnect хх.хх.хх.133 123 pw-class vlan-xconnect
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description -=WAN=-
ip address хх.хх.хх.251 255.255.255.0
ip nat outside
ip virtual-reassembly
no ip mroute-cache
duplex auto
speed auto
!
interface Vlan1
description -=Clients VLAN=-
ip address 192.168.0.222 255.255.255.0
ip nat inside
ip virtual-reassembly
no ip mroute-cache
!
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 195.189.137.1
!
no ip http server
no ip http secure-server
ip nat inside source list 150 interface FastEthernet4 overload
!
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 150 permit ip 192.168.0.0 0.0.0.255 any
snmp-server community public RO
!
control-plane
!
!
line con 0
exec-timeout 5 30
password Lasnet09
no modem enable
line aux 0
line vty 0 4
password Lasnet09
login authentication local_auth
!
scheduler max-task-time 5000
end
MO-Zhitnevo-RTR1#sh l2tun session all
L2TP Session Information Total tunnels 1 sessions 1
Session id 10526 is up, tunnel id 54459
Remote session id is 5630, remote tunnel id 15174
Locally initiated session
Call serial number is 2678500002
Remote tunnel name is Munsera
Internet address is хх.хх.хх.133
Local tunnel name is MO-Zhitnevo-RTR1
Internet address is хх.хх.хх.251
IP protocol 115
Session is L2TP signaled
Session state is established, time since change 16:32:31
DF bit on, ToS reflect enabled, ToS value 0, TTL value 255
UDP checksums are disabled
Session PMTU enabled, path MTU is not known
FS cached header information:
encap size = 24 bytes
45000014 00004000 FF73FA05 C3BD89FB
4D32E685 000015FE
0 Packets sent, 0 received
0 Bytes sent, 0 received
Last clearing of counters never
Counters, ignoring last clear:
0 Packets sent, 0 received
0 Bytes sent, 0 received
Receive packets dropped:
out-of-order: 0
total: 0
Send packets dropped:
exceeded session MTU: 0
total: 0
Sequencing is off
Conditional debugging is disabled
Unique ID is 1
Session Layer 2 circuit, type is Ethernet, name is FastEthernet0
Session vcid is 123
Circuit state is DOWN
Local circuit state is DOWN
Remote circuit state is UP
MO-Zhitnevo-RTR1# sh l2tp
L2TP Tunnel and Session Information Total tunnels 1 sessions 1
LocID RemID Remote Name State Remote Address Port Sessions L2TP Class/
VPDN Group
54459 15174 Munsera est хх.хх.хх.133 0 1 class1
LocID RemID TunID Username, Intf/ State Last Chg Uniq ID
Vcid, Circuit
10526 5630 54459 123, Fa0 est 16:33:49 1
MO-Zhitnevo-RTR1#
Спасибо!