- PR -

Cisco2621でフレッツ（asahiネット）

投稿者	投稿内容
未記入会議室デビュー日: 2008/12/06 投稿数: 1	投稿日時: 2008-12-06 17:16 お世話になります。 Cisco2621でPPPoE接続を行おうと思い、様々なサイトを参考にし設定を行いましたが、接続がうまく確立できません。 asahiネットのフレッツ光では認証にCHAPを用いているようなのですが、 debugではCHAP認証に失敗し、PAPで認証に成功しているように見受けられます。 CHAPだけでは認証に失敗するので、設定上ではCHAPとPAPの両方を設定しております。 PAPで認証完了後、ルーティング情報が追加されているので pingをうちましたが、ARPテーブルにエントリがのらないので対向でICMPをフィルタリングされているわけではないようです。ブラウザからのアクセスはもちろん、nslookup等でもInternetへの疎通が確認できておりません。またshow pppoe sessionコマンドは未実装のため、確認することができません。 -- Cisco2621 IOS:c2600-ik9s-mz.122-11.T11.bin 下記が設定とデバッグメッセージになります。 ! vpdn enable ! vpdn-group pppoe request-dialin protocol pppoe ! interface FastEthernet0/0 no ip address duplex auto speed auto pppoe enable pppoe-client dial-pool-number 1 ! interface Dialer1 ip unnumbered FastEthernet0/0 ip mtu 1454 ip nat outside encapsulation ppp no ip route-cache ip tcp adjust-mss 1414 no ip mroute-cache dialer pool 1 dialer idle-timeout 0 dialer vpdn dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname xxxxxxxxxx@atson.net ppp chap password xxxxxx ppp pap sent-username xxxxxxxxxx@atson.net password xxxxxx ! ip nat inside source list 1 interface Dialer1 overload ip route 0.0.0.0 0.0.0.0 Dialer1 permanent access-list 1 permit 192.168.101.72 0.0.0.7 ! #deb ppp authentication #deb ppp negotiation Mar 1 09:31:14: Vi1 PPP: Phase is DOWN, Setup Mar 1 09:31:14: %DIALER-6-BIND: Interface Vi1 bound to profile Di1 Mar 1 09:31:14: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up Mar 1 09:31:14: Vi1 PPP: Treating connection as a callout Mar 1 09:31:14: Vi1 PPP: Phase is ESTABLISHING, Active Open Mar 1 09:31:14: Vi1 PPP: Authorization required Mar 1 09:31:14: Vi1 PPP: No remote authentication for call-out Mar 1 09:31:14: Vi1 LCP: O CONFREQ [Closed] id 1 len 10 Mar 1 09:31:14: Vi1 LCP: MagicNumber 0x0C4D5747 (0x05060C4D5747) Mar 1 09:31:14: Vi1 LCP: I CONFACK [REQsent] id 1 len 10 Mar 1 09:31:14: Vi1 LCP: MagicNumber 0x0C4D5747 (0x05060C4D5747) Mar 1 09:31:16: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 19 Mar 1 09:31:16: Vi1 LCP: MRU 1454 (0x010405AE) Mar 1 09:31:16: Vi1 LCP: AuthProto CHAP (0x0305C22305) Mar 1 09:31:16: Vi1 LCP: MagicNumber 0xF16C4EED (0x0506F16C4EED) Mar 1 09:31:16: Vi1 LCP: O CONFNAK [ACKrcvd] id 2 len 8 Mar 1 09:31:16: Vi1 LCP: MRU 1500 (0x010405DC) Mar 1 09:31:16: Vi1 LCP: I CONFREQ [ACKrcvd] id 3 len 19 Mar 1 09:31:16: Vi1 LCP: MRU 1500 (0x010405DC) Mar 1 09:31:16: Vi1 LCP: AuthProto CHAP (0x0305C22305) Mar 1 09:31:16: Vi1 LCP: MagicNumber 0xF16C4EED (0x0506F16C4EED) Mar 1 09:31:16: Vi1 LCP: O CONFACK [ACKrcvd] id 3 len 19 Mar 1 09:31:16: Vi1 LCP: MRU 1500 (0x010405DC) Mar 1 09:31:16: Vi1 LCP: AuthProto CHAP (0x0305C22305) Mar 1 09:31:16: Vi1 LCP: MagicNumber 0xF16C4EED (0x0506F16C4EED) Mar 1 09:31:16: Vi1 LCP: State is Open Mar 1 09:31:16: Vi1 PPP: Phase is AUTHENTICATING, by the peer Mar 1 09:31:16: Vi1 CHAP: I CHALLENGE id 1 len 37 from "brasgp59asaka040" Mar 1 09:31:16: Vi1 CHAP: Using hostname from interface CHAP Mar 1 09:31:16: Vi1 CHAP: Using password from interface CHAP Mar 1 09:31:16: Vi1 CHAP: O RESPONSE id 1 len 39 from "xxxxxxxxxx@atson.net" Mar 1 09:31:17: Vi1 LCP: I CONFREQ [Open] id 1 len 18 Mar 1 09:31:17: Vi1 LCP: MRU 1454 (0x010405AE) Mar 1 09:31:17: Vi1 LCP: AuthProto PAP (0x0304C023) Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x563DD14B (0x0506563DD14B) Mar 1 09:31:17: Vi1 PPP: Phase is TERMINATING Mar 1 09:31:17: Vi1 PPP: Authorization required Mar 1 09:31:17: Vi1 PPP: No remote authentication for call-out Mar 1 09:31:17: Vi1 PPP: Phase is ESTABLISHING Mar 1 09:31:17: Vi1 LCP: O CONFREQ [Open] id 2 len 10 Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x0C4D5F30 (0x05060C4D5F30) Mar 1 09:31:17: Vi1 LCP: O CONFNAK [Open] id 1 len 8 Mar 1 09:31:17: Vi1 LCP: MRU 1500 (0x010405DC) Mar 1 09:31:17: Vi1 LCP: I CONFACK [REQsent] id 2 len 10 Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x0C4D5F30 (0x05060C4D5F30) Mar 1 09:31:17: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 18 Mar 1 09:31:17: Vi1 LCP: MRU 1500 (0x010405DC) Mar 1 09:31:17: Vi1 LCP: AuthProto PAP (0x0304C023) Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x563DD14B (0x0506563DD14B) Mar 1 09:31:17: Vi1 LCP: O CONFACK [ACKrcvd] id 2 len 18 Mar 1 09:31:17: Vi1 LCP: MRU 1500 (0x010405DC) Mar 1 09:31:17: Vi1 LCP: AuthProto PAP (0x0304C023) Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x563DD14B (0x0506563DD14B) Mar 1 09:31:17: Vi1 LCP: State is Open Mar 1 09:31:17: Vi1 PPP: Phase is AUTHENTICATING, by the peer Mar 1 09:31:17: Vi1 PAP: Using hostname from interface PAP Mar 1 09:31:17: Vi1 PAP: Using password from interface PAP Mar 1 09:31:17: Vi1 PAP: O AUTH-REQ id 5 len 32 from "xxxxxxxxxx@atson.net" Mar 1 09:31:17: Vi1 PAP: I AUTH-ACK id 5 len 5 Mar 1 09:31:17: Vi1 PPP: Phase is FORWARDING, Attempting Forward Mar 1 09:31:17: Vi1 IPCP: Packet buffered while building VPDN interface Mar 1 09:31:17: Vi1 PPP: Phase is ESTABLISHING, Finish LCP Mar 1 09:31:17: Vi1 PPP: Phase is UP Mar 1 09:31:17: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10 Mar 1 09:31:17: Vi1 IPCP: Address 0.0.0.0 (0x030600000000) Mar 1 09:31:17: Vi1 PPP: Pending ncpQ size is 1 Mar 1 09:31:17: Vi1 IPCP: Redirect packet to Vi1 Mar 1 09:31:17: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10 Mar 1 09:31:17: Vi1 IPCP: Address 124.155.49.5 (0x03067C9B3105) Mar 1 09:31:17: Vi1 IPCP: O CONFACK [REQsent] id 1 len 10 Mar 1 09:31:17: Vi1 IPCP: Address 124.155.49.5 (0x03067C9B3105) Mar 1 09:31:17: Vi1 IPCP: I CONFNAK [ACKsent] id 1 len 10 Mar 1 09:31:17: Vi1 IPCP: Address 124.155.50.161 (0x03067C9B32A1) Mar 1 09:31:17: Vi1 IPCP: O CONFREQ [ACKsent] id 2 len 4 Mar 1 09:31:17: Vi1 IPCP: I CONFACK [ACKsent] id 2 len 4 Mar 1 09:31:17: Vi1 IPCP: State is Open Mar 1 09:31:17: Di1 IPCP: Install route to 124.155.49.5 Mar 1 09:31:17: Vi1 IPCP: Add link info for cef entry 124.155.49.5 Mar 1 09:31:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up #show ip route 124.0.0.0/32 is subnetted, 1 subnets C 124.155.49.5 is directly connected, Dialer1 192.168.101.0/29 is subnetted, 1 subnets C 192.168.101.72 is directly connected, FastEthernet0/1 S 0.0.0.0/0 is directly connected, Dialer1 -- ご教示いただけますよう、宜しくお願い致します。

投稿者

投稿内容

未記入: 会議室デビュー日: 2008/12/06; 投稿数: 1

投稿日時: 2008-12-06 17:16

お世話になります。

Cisco2621でPPPoE接続を行おうと思い、様々なサイトを参考にし
設定を行いましたが、接続がうまく確立できません。

asahiネットのフレッツ光では認証にCHAPを用いているようなのですが、
debugではCHAP認証に失敗し、PAPで認証に成功しているように
見受けられます。

CHAPだけでは認証に失敗するので、設定上ではCHAPとPAPの両方を
設定しております。

PAPで認証完了後、ルーティング情報が追加されているので
pingをうちましたが、ARPテーブルにエントリがのらないので
対向でICMPをフィルタリングされているわけではないようです。

ブラウザからのアクセスはもちろん、nslookup等でもInternetへの
疎通が確認できておりません。

またshow pppoe sessionコマンドは未実装のため、
確認することができません。

--
Cisco2621
IOS:c2600-ik9s-mz.122-11.T11.bin

下記が設定とデバッグメッセージになります。

!
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface Dialer1
ip unnumbered FastEthernet0/0
ip mtu 1454
ip nat outside
encapsulation ppp
no ip route-cache
ip tcp adjust-mss 1414
no ip mroute-cache
dialer pool 1
dialer idle-timeout 0
dialer vpdn
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname xxxxxxxxxx@atson.net
ppp chap password xxxxxx
ppp pap sent-username xxxxxxxxxx@atson.net password xxxxxx
!
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1 permanent
access-list 1 permit 192.168.101.72 0.0.0.7
!

#deb ppp authentication
#deb ppp negotiation
*Mar 1 09:31:14: Vi1 PPP: Phase is DOWN, Setup
*Mar 1 09:31:14: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar 1 09:31:14: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Mar 1 09:31:14: Vi1 PPP: Treating connection as a callout
*Mar 1 09:31:14: Vi1 PPP: Phase is ESTABLISHING, Active Open
*Mar 1 09:31:14: Vi1 PPP: Authorization required
*Mar 1 09:31:14: Vi1 PPP: No remote authentication for call-out
*Mar 1 09:31:14: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
*Mar 1 09:31:14: Vi1 LCP: MagicNumber 0x0C4D5747 (0x05060C4D5747)
*Mar 1 09:31:14: Vi1 LCP: I CONFACK [REQsent] id 1 len 10
*Mar 1 09:31:14: Vi1 LCP: MagicNumber 0x0C4D5747 (0x05060C4D5747)
*Mar 1 09:31:16: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 19
*Mar 1 09:31:16: Vi1 LCP: MRU 1454 (0x010405AE)
*Mar 1 09:31:16: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 09:31:16: Vi1 LCP: MagicNumber 0xF16C4EED (0x0506F16C4EED)
*Mar 1 09:31:16: Vi1 LCP: O CONFNAK [ACKrcvd] id 2 len 8
*Mar 1 09:31:16: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 09:31:16: Vi1 LCP: I CONFREQ [ACKrcvd] id 3 len 19
*Mar 1 09:31:16: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 09:31:16: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 09:31:16: Vi1 LCP: MagicNumber 0xF16C4EED (0x0506F16C4EED)
*Mar 1 09:31:16: Vi1 LCP: O CONFACK [ACKrcvd] id 3 len 19
*Mar 1 09:31:16: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 09:31:16: Vi1 LCP: AuthProto CHAP (0x0305C22305)
*Mar 1 09:31:16: Vi1 LCP: MagicNumber 0xF16C4EED (0x0506F16C4EED)
*Mar 1 09:31:16: Vi1 LCP: State is Open
*Mar 1 09:31:16: Vi1 PPP: Phase is AUTHENTICATING, by the peer
*Mar 1 09:31:16: Vi1 CHAP: I CHALLENGE id 1 len 37 from "brasgp59asaka040"
*Mar 1 09:31:16: Vi1 CHAP: Using hostname from interface CHAP
*Mar 1 09:31:16: Vi1 CHAP: Using password from interface CHAP
*Mar 1 09:31:16: Vi1 CHAP: O RESPONSE id 1 len 39 from "xxxxxxxxxx@atson.net"
*Mar 1 09:31:17: Vi1 LCP: I CONFREQ [Open] id 1 len 18
*Mar 1 09:31:17: Vi1 LCP: MRU 1454 (0x010405AE)
*Mar 1 09:31:17: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x563DD14B (0x0506563DD14B)
*Mar 1 09:31:17: Vi1 PPP: Phase is TERMINATING
*Mar 1 09:31:17: Vi1 PPP: Authorization required
*Mar 1 09:31:17: Vi1 PPP: No remote authentication for call-out
*Mar 1 09:31:17: Vi1 PPP: Phase is ESTABLISHING
*Mar 1 09:31:17: Vi1 LCP: O CONFREQ [Open] id 2 len 10
*Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x0C4D5F30 (0x05060C4D5F30)
*Mar 1 09:31:17: Vi1 LCP: O CONFNAK [Open] id 1 len 8
*Mar 1 09:31:17: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 09:31:17: Vi1 LCP: I CONFACK [REQsent] id 2 len 10
*Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x0C4D5F30 (0x05060C4D5F30)
*Mar 1 09:31:17: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 18
*Mar 1 09:31:17: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 09:31:17: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x563DD14B (0x0506563DD14B)
*Mar 1 09:31:17: Vi1 LCP: O CONFACK [ACKrcvd] id 2 len 18
*Mar 1 09:31:17: Vi1 LCP: MRU 1500 (0x010405DC)
*Mar 1 09:31:17: Vi1 LCP: AuthProto PAP (0x0304C023)
*Mar 1 09:31:17: Vi1 LCP: MagicNumber 0x563DD14B (0x0506563DD14B)
*Mar 1 09:31:17: Vi1 LCP: State is Open
*Mar 1 09:31:17: Vi1 PPP: Phase is AUTHENTICATING, by the peer
*Mar 1 09:31:17: Vi1 PAP: Using hostname from interface PAP
*Mar 1 09:31:17: Vi1 PAP: Using password from interface PAP
*Mar 1 09:31:17: Vi1 PAP: O AUTH-REQ id 5 len 32 from "xxxxxxxxxx@atson.net"
*Mar 1 09:31:17: Vi1 PAP: I AUTH-ACK id 5 len 5
*Mar 1 09:31:17: Vi1 PPP: Phase is FORWARDING, Attempting Forward
*Mar 1 09:31:17: Vi1 IPCP: Packet buffered while building VPDN interface
*Mar 1 09:31:17: Vi1 PPP: Phase is ESTABLISHING, Finish LCP
*Mar 1 09:31:17: Vi1 PPP: Phase is UP
*Mar 1 09:31:17: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
*Mar 1 09:31:17: Vi1 IPCP: Address 0.0.0.0 (0x030600000000)
*Mar 1 09:31:17: Vi1 PPP: Pending ncpQ size is 1
*Mar 1 09:31:17: Vi1 IPCP: Redirect packet to Vi1
*Mar 1 09:31:17: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10
*Mar 1 09:31:17: Vi1 IPCP: Address 124.155.49.5 (0x03067C9B3105)
*Mar 1 09:31:17: Vi1 IPCP: O CONFACK [REQsent] id 1 len 10
*Mar 1 09:31:17: Vi1 IPCP: Address 124.155.49.5 (0x03067C9B3105)
*Mar 1 09:31:17: Vi1 IPCP: I CONFNAK [ACKsent] id 1 len 10
*Mar 1 09:31:17: Vi1 IPCP: Address 124.155.50.161 (0x03067C9B32A1)
*Mar 1 09:31:17: Vi1 IPCP: O CONFREQ [ACKsent] id 2 len 4
*Mar 1 09:31:17: Vi1 IPCP: I CONFACK [ACKsent] id 2 len 4
*Mar 1 09:31:17: Vi1 IPCP: State is Open
*Mar 1 09:31:17: Di1 IPCP: Install route to 124.155.49.5
*Mar 1 09:31:17: Vi1 IPCP: Add link info for cef entry 124.155.49.5
*Mar 1 09:31:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up

#show ip route
124.0.0.0/32 is subnetted, 1 subnets
C 124.155.49.5 is directly connected, Dialer1
192.168.101.0/29 is subnetted, 1 subnets
C 192.168.101.72 is directly connected, FastEthernet0/1
S* 0.0.0.0/0 is directly connected, Dialer1

--
ご教示いただけますよう、宜しくお願い致します。

＠IT SpecialPR

Cisco2621でフレッツ（asahiネット）

スキルアップ／キャリアアップ（JOB@IT）