Table of Contents
- About the Author
- Icons Used in This Book
- Command Syntax Conventions
- Chapter 1. Basic Troubleshooting Methodology
- Chapter 2. Troubleshooting Layer Two Forwarding Protocol VPNs
- Chapter 3. Troubleshooting Point-to-Point Tunneling Protocol VPNs
- Chapter 4. Troubleshooting the Layer 2 Tunneling Protocol Version 2 VPNs
- Chapter 5. Troubleshooting L2TPv3 Based VPNs
- Chapter 6. Troubleshooting Multiprotocol Label Switching Layer 3 VPNs
- Chapter 7. Troubleshooting Any Transport over MPLS Based VPNs
- 8. Troubleshooting IPSec VPNs
- Appendix A. Review Questions and Answers
- Appendix B. Lab Instructions and Solutions
Chapter 4 Review Questions & Answers
What is the purpose of the Start-Control-Connection-Request (SCCRQ) message?
Answer: It is used to initiate the L2TP control connection between the LAC and the LNS.
Assuming that the L2TP tunnel has already been established, what is the sequence of messages between the LAC and the LNS that is used to set up the data session for an incoming call?
Answer: The sequence of messages used to set up a data session is Incoming-Call-Request (ICRQ), Incoming-Call-Reply (ICRP), and Incoming-Call-Connected (ICCN).
When the LNS wishes to establish an outgoing call to a remote access client, what is the sequence of messages sent between the LNS and LAC during call setup? Assume that the control connection is already established.
Answer: The sequence of messages used to set up an outgoing call is Outgoing-Call-Request (OCRQ), Outgoing-Call-Reply (OCRP), and Outgoing-Call-Connected (OCCN).
During session setup, the LNS wishes to signal the LAC that there are insufficient resources and that the session should be disconnected. Which message is used to signal this?
Answer: The LNS signals the LAC that there are insufficient resources to complete session setup using the CDN message.
How can the number of L2TP sessions be limited?
Answer: The number of sessions can be limited using the vpdn session-limit command.
How are remote access client PPP connections associated with a particular L2TP tunnel by the LAC?
Answer: The LAC associates PPP connections with a particular L2TP tunnel using either the remote access client's domain name, DNIS string, or complete user name (per-user VPDN).
Should the network administrator not wish to store tunnel configuration on the LAC, what is an alternative?
Answer: Tunnel configuration (definitions) can be stored on a AAA server.
What is the significance of the tunnel ID in the tunnel definitions on an AAA server?
Answer: The tunnel ID corresponds to the hostname of the LAC.
You suspect that the remote access client's password is incorrectly configured, and this is causing L2TP session establishment failure. Where and with what command which you troubleshoot this issue? Assume local authentication is being used.
Answer: The remote access client is only partially authenticated on the LAC, so this issue would have to be dealt with on the LNS. The command to use would be debug ppp negotiation or, alternatively, debug ppp authentication.
When troubleshooting L2TP session setup failure on the LNS using the debug ppp negotiation command, the following message is observed:
Feb 6 01:39:13.473 UTC: Vi1 LCP: O PROTREJ [Open] id 2 len 46 protocol IPCP
What does this message most likely indicate? Assume that local authentication is being used.
Answer: This most likely indicates that no IP address is configured on the virtual template.