Urgent: Cisco Pix 501 + 2mbit Trib Cybera By Mtnl (cisco Help)

darkoddio

Newbie
[OP]
Feb 28, 2007
3
0
Hi allI'm coming from Italy to setup a small office for my company in MumbaiHere we have a Trib Cyber A: the goal is to configure the modem in bridge mode (done)and let the Cisco PIX dial the PPPoE connectionI already captured packets from the outside interface connection and I see that after the authorize ACK from the PPPoE server there is no PPP IPCP request to config the IP addressPPP upap rcvd authen ack: 2d331be4PPP - dev 1, xmit data pkt, but ipcp protocol is not upand then the PPPoE ask to terminate the requestRcvd Link Control Protocol pkt, Action code is: Termination Request, len is: 0Xmit Link Control Protocol pkt, Action code is: Termination ACK, len is: 0any ideas?thanksPS. I will go back to Italy on monday :)
 

baudhayan

Regulars
Regulars
Oct 20, 2005
238
10
Mumbai
QUOTE(Darkoddio @ Feb 28 2007, 04:37 PM) [snapback]81573[/snapback]
Hi all
I'm coming from Italy to setup a small office for my company in Mumbai
Here we have a Trib Cyber A: the goal is to configure the modem in bridge mode (done)
and let the Cisco PIX dial the PPPoE connection

I already captured packets from the outside interface connection and I see that after the authorize ACK from the PPPoE server
there is no PPP IPCP request to config the IP address

PPP upap rcvd authen ack: 2d331be4
PPP - dev 1, xmit data pkt, but ipcp protocol is not up

and then the PPPoE ask to terminate the request

Rcvd Link Control Protocol pkt, Action code is: Termination Request, len is: 0
Xmit Link Control Protocol pkt, Action code is: Termination ACK, len is: 0

any ideas?
thanks

PS. I will go back to Italy on monday :)[/b]

First configure ur PPPoE on the outside interface:

vpdn username password

vpdn enable outside

Then set:

ip address outside pppoe

& chk whether things work properly.

Else set the modem in PPPoE mode to initiate the PPPoE session & u assign a pvt address to ur f/w's outside interface & configure the NAT'ing & Port forwarding of ur modem's public IP with the f/w's pvt IP address.
 

darkoddio

Newbie
[OP]
Feb 28, 2007
3
0
QUOTE(baudhayan @ Mar 3 2007, 12:46 PM) [snapback]81978[/snapback]
First configure ur PPPoE on the outside interface:

vpdn username password

vpdn enable outside

Then set:

ip address outside pppoe

& chk whether things work properly.

Else set the modem in PPPoE mode to initiate the PPPoE session & u assign a pvt address to ur f/w's outside interface & configure the NAT'ing & Port forwarding of ur modem's public IP with the f/w's pvt IP address.[/b]

from Cisco PIX command reference:

enable if_name: Enable the VPDN function on a PIX Firewall interface. Specifies the
interface in if_name where L2TP or PPTP traffic is received.Only
inbound connections are supported.
Then this is not necessary

I know exactly which commands configure the pix for dialing pppoe:
vpdn group pppoe-adsl request dialout pppoe
vpdn group pppoe-adsl localname my_username
vpdn group pppoe-adsl ppp authentication pap
vpdn username my_username password my_password
ip address outside pppoe setroute

It seems you didn't understand exatly the problem
My PIX dial the pppoe connection correctly, then authenticate correctly and then does not receive the ip address from the DSLAM
Neither works with the fixed ip on the outside interface
ip address outside 59.xxx.xxx.xxx 255.255.255.255 pppoe

the problem is this line
PPP - dev 1, xmit data pkt, but ipcp protocol is not up
after this the DSLAM ask the PIX to terminate the connection

You can find the ethernet capture below:

No. Time Source Destination Protocol Info
1 0.000000 Unispher_41:57:c3 Cisco_xx:xx:xx PPP LCP Termination Request
2 0.007904 Unispher_41:57:c3 Cisco_xx:xx:xx PPPoED Active Discovery Terminate (PADT)
3 0.220805 Cisco_xx:xx:xx Broadcast PPPoED Active Discovery Initiation (PADI)
4 0.228693 Unispher_41:58:34 Cisco_xx:xx:xx PPPoED Active Discovery Offer (PADO)
5 0.228769 Cisco_xx:xx:xx Unispher_41:58:34 PPPoED Active Discovery Request (PADR)
6 0.228907 Unispher_41:57:c3 Cisco_xx:xx:xx PPPoED Active Discovery Offer (PADO)
7 0.229120 Unispher_41:58:2f Cisco_xx:xx:xx PPPoED Active Discovery Offer (PADO)
8 0.229609 Unispher_41:57:c2 Cisco_xx:xx:xx PPPoED Active Discovery Offer (PADO)
9 0.266106 Unispher_41:58:34 Cisco_xx:xx:xx PPPoED Active Discovery Session-confirmation (PADS)
10 0.266426 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Configuration Request
11 0.369204 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Configuration Request
12 0.369311 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Configuration Ack
13 0.369418 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Configuration Ack
14 0.369525 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
15 0.369662 81:4d:08:00:45:00 Unispher_41:58:34 PPP PAP Authenticate-Request
16 0.377474 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
17 0.775372 Unispher_41:58:34 Cisco_xx:xx:xx PPP PAP Authenticate-Ack
18 15.362582 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
19 15.369250 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
20 30.363070 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
21 30.370120 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
22 45.363559 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
23 45.369998 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
24 60.364062 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
25 60.370867 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
26 75.364535 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
27 75.371249 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
28 90.365039 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
29 90.372088 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
30 105.365527 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Echo Request
31 105.371737 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Echo Reply
32 120.340427 Unispher_41:58:34 Cisco_xx:xx:xx PPP LCP Termination Request
33 120.340855 Cisco_xx:xx:xx Unispher_41:58:34 PPP LCP Termination Ack
34 120.348179 Unispher_41:58:34 Cisco_xx:xx:xx PPPoED Active Discovery Terminate (PADT)
35 140.346668 Cisco_xx:xx:xx Broadcast PPPoED Active Discovery Initiation (PADI)
36 140.353794 Unispher_41:58:34 Cisco_xx:xx:xx PPPoED Active Discovery Offer (PADO)[/b]
 


baudhayan

Regulars
Regulars
Oct 20, 2005
238
10
Mumbai
QUOTE(Darkoddio @ Mar 3 2007, 05:45 PM) [snapback]82016[/snapback]
from Cisco PIX command reference:

enable if_name: Enable the VPDN function on a PIX Firewall interface. Specifies the
interface in if_name where L2TP or PPTP traffic is received.Only
inbound connections are supported.
Then this is not necessary

I know exactly which commands configure the pix for dialing pppoe:
vpdn group pppoe-adsl request dialout pppoe
vpdn group pppoe-adsl localname my_username
vpdn group pppoe-adsl ppp authentication pap
vpdn username my_username password my_password
ip address outside pppoe setroute

It seems you didn't understand exatly the problem
My PIX dial the pppoe connection correctly, then authenticate correctly and then does not receive the ip address from the DSLAM
Neither works with the fixed ip on the outside interface
ip address outside 59.xxx.xxx.xxx 255.255.255.255 pppoe

the problem is this line
PPP - dev 1, xmit data pkt, but ipcp protocol is not up
after this the DSLAM ask the PIX to terminate the connection

You can find the ethernet capture below:[/b]

Hv u chked whether ur modem is rcvg an IP address in PPPoE mode ???
 

darkoddio

Newbie
[OP]
Feb 28, 2007
3
0
Hv u chked whether ur modem is rcvg an IP address in PPPoE mode ???

The answare is YES, my modems (MTNL provided or D-Link brand) receive correctly the public IP address if I dial the PPPoE connection with them


The problem still exist