Table of Contents
- About the Author
- Icons Used in This Book
- Command Syntax Conventions
- Chapter 1. Basic Troubleshooting Methodology
- Chapter 2. Troubleshooting Layer Two Forwarding Protocol VPNs
- Chapter 3. Troubleshooting Point-to-Point Tunneling Protocol VPNs
- Chapter 4. Troubleshooting the Layer 2 Tunneling Protocol Version 2 VPNs
- Chapter 5. Troubleshooting L2TPv3 Based VPNs
- Chapter 6. Troubleshooting Multiprotocol Label Switching Layer 3 VPNs
- Chapter 7. Troubleshooting Any Transport over MPLS Based VPNs
- 8. Troubleshooting IPSec VPNs
- Appendix A. Review Questions and Answers
- Appendix B. Lab Instructions and Solutions
Chapter 3 Review Questions & Answers
What is the initial message used in PPTP tunnel negotiation?
Answer: The initial message is the Start-Control-Connection-Request (SCCRQ).
If the remote access client/PNS is sending PPTP control channel messages, but those messages are not being received by the PAC, what are some possible causes?
Answer: Lack of basic IP connectivity, an access-list blocking TCP port 1723.
How is the tunnel session established between the remote access client/PNS and the PAC?
Answer: The remote access client/PNS sends a OCRQ, and the PAC replies with an OCRP.
How are data tunnel packets transmitted between the remote access client/PNS and the PAC?
Answer: Data tunnel packets are transmitted using Enhanced GRE.
The remote access client/PNS and the PAC successfully authenticate each other using standard MD5 CHAP, but then MPPE negotiation fails. What is the issue here?
Answer: MPPE requires MS-CHAP authentication.
Tunnel setup fails between the remote access client/PNS and the PAC. When debugging PPP negotiation, the following message is seen: O PROTREJ [Open] id 232 len 16 protocol CCP. What does this message reveal?
Answer: This message indicates that the PAC has rejected configuration of the CCP, including MS-PPC and MPPE.
During IPCP negotiation, the following message is seen, IPCP: Cannot satisfy pool request. What does this indicate? Assume that local IP address assignment is being used.
Answer: This indicates that the IP address pool has been incorrectly configured or that there are no addresses left to allocate.
The network administrator issues the command clear vpdn tunnel pptp remote_access_client/PNS_name PAC_name. What messages are exchanged between the remote access client/PNS and the PAC as the tunnel is terminated?
Answer: The PAC first sends a CDN to the remote access client/PNS. This is immediately followed by a Stop-Control-Connection-Request (StopCCRQ). The remote access client/PNS replies with a Stop-Control-Connection-Reply, and the tunnel is down.
Windows remote access client/PNS users are complaining of Internet reachability issues when connected to the PAC via a PPTP tunnel. What is most likely the issue here?
Answer: The remote access client/PNS most likely has a split tunnel issue. This means that the default route on the remote access client/PNS is causing Internet-bound packets to be sent via the PPTP tunnel to the PAC, rather than directly to the ISP.
A remote access client/PNS user wishes to configure Multilink PPP on the PPTP tunnel to the PAC. How can this be supported on the PAC?
Answer: Multilink PPP is not supported on PPTP tunnels with Cisco routers.