L2TP tunnel between two cisco routers

Problem: a Cisco 1941 [15.1(2)T2] (Client) tries to connect to an Cisco7300 [12.3(22)] (Server) using L2TP, but after successful authentication of the client the server drops the connection.

Solution: The client tried to authenticate the server, but the server had no password for authentication. Normally only the client authenticates to the server in ISP environments. Server sends “O CHALLENGE” client sends “I RESPONSE”. In this case the Client sent “O CHALLENGE” back. I debugged this problem by removing the following line from the clients interface Virtual-PPP section:

ppp authentication chap pap callin optional

Usually this means “authenticate a client (optionally) using chap or pap when it calls in”, but on this router/ios-release the client tried to authenticate the server when this line is present.

Share on Facebook0Tweet about this on TwitterShare on Google+0Email this to someone