Friday, March 22, 2013

CISCO IPv6 PPPOE server

I have been trying to test a CPE router with IPv6 PPPoE client, and finally manage to setup a PPPoE server in a cisco 7K witch supports IPv6. Now the set-up seems to establish an IPv6 link local address in the ppp0 interface in the CPE router and the br0 interface in the router is obtaining a global IPv6 address using DHCPv6. I will update this post with more details soon  . CISCO running config is given below,


-----------------------

version 12.4
!
ipv6 unicast-routing
ipv6 cef
ipv6 dhcp pool Clients
 prefix-delegation pool DhcpPool
!
ipv6 dhcp pool dhcpv6
 prefix-delegation pool dhcpv6-pool1 lifetime 1800 600
 address prefix 2001:1::/64
 dns-server 2001:1::1
 domain-name dhcpv6.com
!
!
multilink bundle-name authenticated
!

memory-size iomem 0
username cisco password 0 cisco
archive
 log config
  hidekeys
!
bba-group pppoe GROUP
!
bba-group pppoe GROUPA
 virtual-template 1
!
!
interface Loopback0
 ip address 10.12.0.1 255.255.255.0
 ipv6 address 2001:6::1/64
 ipv6 enable
!
interface Loopback1
 no ip address
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 ipv6 address 2001:2::1/64
 ipv6 enable
 ipv6 nd managed-config-flag
 ipv6 dhcp server dhcpv6
 pppoe enable group GROUPA
!
interface FastEthernet0/1
 ip address dhcp
 duplex auto
 speed auto
 ipv6 address 2001:1::1/64
!
interface Virtual-Template1
 ip unnumbered Loopback0
 ipv6 unnumbered Loopback0
 ipv6 enable
 ipv6 nd managed-config-flag
 ipv6 nd other-config-flag
 ipv6 nd router-preference High
 no ipv6 nd ra suppress
 ipv6 dhcp server dhcpv6
 peer default ip address pool ppppool1
 peer default ipv6 pool dhcpv6-pool1
 ppp authentication pap chap callin
!
ip local pool ppppool1 10.12.0.50 10.12.0.254
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ipv6 local pool dhcpv6-pool1 2001:5::/32 48
!

----------------------------------------------




Thursday, March 21, 2013

L2TP with MPPE


For my understanding L2TP usually use IPsec for security, but today I tested a cpe router which has a L2TP client which use MPPE. I was puzzled but then I figured out that CISCO ios support L2TP with MPPE. You just need to add the line "ppp encrypt mppe auto" to the virtual template,

---------------------------------------------------------------------
vpdn-group L2TP-pure
 accept-dialin
  protocol l2tp
  virtual-template 52

interface Virtual-Template52
 ip unnumbered Loopback1
 ip nat inside
 ip virtual-reassembly
 peer default ip address pool L2TP-POOL
ppp encrypt mppe auto

ip local pool L2TP-POOL 192.168.60.10 192.168.60.100
---------------------------------------------------------------------