Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   Re: L2TP Help needed! (http://www.velocityreviews.com/forums/t713558-re-l2tp-help-needed.html)

bod43 02-01-2010 02:42 PM

Re: L2TP Help needed!
 
On 1 Feb, 13:41, "Elia S." <adminNOS...@spadhausen.com> wrote:
> Hello
> I am in this situation:
>
> HQ:
> Cisco 2651XM
> fast0/0 LAN 192.168.1.0/24
> fast0/1 remote link to the remote office via wireless link
> atm0.1 wan link
>
> Remote office: (
> Cisco 831:
> eth0: LAN 192.168.10.0/24
> eth1: "WAN"
>
> the eth1 of the C831 is connected via a transparent wireless bridge to the
> fast0/1 of the C2651xm in the HQ
> The C831 is not on all the day but only for a few hours a day. the remote
> lan just browses the internet via the wi-fi link and via the HQ's link. The
> wifi link is established at 11mbit (5mbit real throughput).
> The wireless link is encrypted via wep128 (UNSECURE) and cannot be upgraded.
>
> After some days of planning I produced these ideas:
>
> a) PPPoE Link (the C831,when switched on, calls the 2651XM and makes a PPP
> link to it) ms-chap-v2 + mppe 128
> b) lan to lan ipsec link. I have the problem that I can route though ipsec
> the traffic destinated to the remote lans (192.168.1.x -> 192.168.10.x and
> vice-versa but I don't know how to tunnel the traffic to internet via the
> 2651xm).
> c) L2TP+IPSEC. A dialer interface on the C831 and a ip route 0.0.0.0 0.0.0.0
> dial1 so everything goes through it.
>
> Problem: I never configured a l2tp "dial up" .
> Someone can help me ?


You may already have considered this however my
first thought is to just make the link a routed link.

This makes IPSEC straightforward and will also prevent
any broadcasts from leaking across the radio link.


L2TP-v3 does not seem to be supported on
83x or 85x or 87x.

L2TP does not seem to be supported on
831 but is on 836 and 801 so maybe that's a mistake
in the Feature Navigator.



bod43 02-01-2010 02:49 PM

Re: L2TP Help needed!
 
On 1 Feb, 14:42, bod43 <Bo...@hotmail.co.uk> wrote:
> On 1 Feb, 13:41, "Elia S." <adminNOS...@spadhausen.com> wrote:
>
>
>
> > Hello
> > I am in this situation:

>
> > HQ:
> > Cisco 2651XM
> > fast0/0 LAN 192.168.1.0/24
> > fast0/1 remote link to the remote office via wireless link
> > atm0.1 wan link

>
> > Remote office: (
> > Cisco 831:
> > eth0: LAN 192.168.10.0/24
> > eth1: "WAN"

>
> > the eth1 of the C831 is connected via a transparent wireless bridge to the
> > fast0/1 of the C2651xm in the HQ
> > The C831 is not on all the day but only for a few hours a day. the remote
> > lan just browses the internet via the wi-fi link and via the HQ's link. The
> > wifi link is established at 11mbit (5mbit real throughput).
> > The wireless link is encrypted via wep128 (UNSECURE) and cannot be upgraded.

>
> > After some days of planning I produced these ideas:

>
> > a) PPPoE Link (the C831,when switched on, calls the 2651XM and makes a PPP
> > link to it) ms-chap-v2 + mppe 128
> > b) lan to lan ipsec link. I have the problem that I can route though ipsec
> > the traffic destinated to the remote lans (192.168.1.x -> 192.168.10.x and
> > vice-versa but I don't know how to tunnel the traffic to internet via the
> > 2651xm).
> > c) L2TP+IPSEC. A dialer interface on the C831 and a ip route 0.0.0.0 0.0.0.0
> > dial1 so everything goes through it.

>
> > Problem: I never configured a l2tp "dial up" .
> > Someone can help me ?

>
> You may already have considered this however my
> first thought is to just make the link a routed link.
>
> This makes IPSEC straightforward and will also prevent
> any broadcasts from leaking across the radio link.
>
> L2TP-v3 does not seem to be supported on
> 83x or 85x or 87x.
>
> L2TP does not seem to be supported on
> 831 but is on 836 and 801 so maybe that's a mistake
> in the Feature Navigator.


By the way - if not already obvious I don't know much
about L2TP.

I did notice this -
http://www.net-gyver.com/?p=952

Bridging over GRE tunnels.

router-t(config-if)#bridge-group 1
% This command is an unreleased and unsupported feature

Still unsupported but apparently is does work??

It's not in the help.

(config-if)#bridge?
% Unrecognized command

This is an 877 on Version 12.4(15)T7.




All times are GMT. The time now is 12:41 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.