Category:Incoming L2TP
L2TP from Customers to AAISP
This is used to connect in to AAISP over a third-party internet connection. This gives you your usual AAISP IP (4 and 6) blocks and access to the internet as if you were conencted via a normal DSL circuit.
- Hostname: l2tp.aa.net.uk
- Plain L2TP without any IPsec
- MSCHAPv2 authentication
Some Notes from customers setting up L2TP IN to AAISP:
Cisco Routers
Cisco routers running IOS 12.3(2)T and later support L2TP client initiated tunneling which allows the router to establish an L2TP tunnel to A&A's L2TP server.
Most of the information required was gleaned from here: [1] plus a bit of trial and error and some packet capturing of good and bad L2TP sessions.
I have tested this on a Cisco 837 router running 12.3(11)YZ2, a 2821 running 12.4(15)T10 SPServices and a 2801 running 12.4(24)T3 ADVIPServices
Caveats:
- You will need to sanity check routing in your particular environment. This is especially important if you choose to use ppp ipcp route default on the l2tp tunnel. It's safest to make sure that you have a static route set to the L2TP server.
- I haven't tested this for IPV6 yet.
- This is "early release" information - I haven't yet used this in anger over a long period of time but will try to remember to come back and update if I find any major issues.
- This config snippet contains no security settings - be sure to configure some!
- I've used the IP address of the L2TP server rather than the DNS address - this is obviously at risk of change .
- You need to be running IP CEF on the router
Config:
Replace <whatever> with the appropriate information for your connection
ip cef l2tp-class lc-aaisp pseudowire-class pc-aaisp encapsulation l2tpv2 protocol l2tpv2 lc-aaisp ip local interface <interface that l2tp connection should go out from> interface Virtual-PPP9797 shutdown ip address negotiated no cdp enable ppp authentication chap callin ppp chap hostname <l2tp line login eg stzzz@a.2> ppp chap password 0 <site password> ppp direction callout ppp pap refuse pseudowire 90.155.53.19 10 pw-class pc-aaisp
Once the interface is configured you can issue a no shut on it to bring it up.
Debugging:
debug ppp authentication and debug ppp negotiation are your friends... In particular if you see "Circuit ID not set - contact support" in the authentication debug, contact A&A support to get them to fix your L2TP login.
Once the connection is up, you should see the virtual PPP interface configured with the static IP that is assigned to it in clueless.
If you get stuck, pop into the IRC channel and see if I'm around (basil_uk) and I'll help if possible.
Other Hardware
The TL-WR741ND router works, although it can only do NAT, but is very cheap.
L2TP from FireBrick
Creating a L2TP connection from a FireBrick to AAISP)
L2TP from OSX
Creating a L2TP connection from Apple OSX to AAISP
L2TP from Windows
Creating a L2TP connection from Windows to AAISP
L2TP from Linux
Creating a L2TP connection from Linux to AAISP
L2TP from Routerboard
Creating a L2TP connection from Routerboard to AAISP
L2TP from OpenWRT
Creating a L2TP connection from OpenWRT to AAISP
Pages in category 'Incoming L2TP'
The following 16 pages are in this category, out of 16 total.
L
- L2TP Client: Cisco
- L2TP Client: Debian
- L2TP Client: FireBrick
- L2TP Client: iOS
- L2TP Client: Linux
- L2TP Client: Mobile Broadband Routers
- L2TP Client: OpenWRT
- L2TP Client: OSX
- L2TP Client: Other Routers
- L2TP Client: pfSense
- L2TP Client: Routerboard
- L2TP Client: SNOM
- L2TP Client: Ubiquiti Edgerouter
- L2TP Client: Windows
- L2TP Latency Speed Tweaks
- L2TP Starlink