
#47 Cisco IOS L2TP compatibility

None
open
nobody
l2tp (4)
5
2021-10-27
2014-01-06
No

Today I did some testing using mpd to establish an L2TP connection to a Cisco IOS 15.3.3 device and encountered two issues:

1) mpd's SCCCN message contains the same AVPs as the preceding SCCRQ message, specifically: Message Type, Protocol Version, Host Name, Framing Capabilities, and Assigned Tunnel ID. The RFC states that only Message Type is mandatory. I personally see nothing wrong with what mpd is doing but IOS displays warnings that the other AVPs should not be present. These are just warnings and do not cause any trouble with the connection.

2) When enabling hidden AVPs, IOS doesn't seem to allow any values in the SCCRQ message to be hidden. This is a fatal error and the tunnel will not establish. See attached patch to prevent hiding the impacted AVPs.

Other than these issues it interoperates perfectly.

I just looked at the L2TP RFC a few hours ago and I have no idea if it makes sense to address these or if they're just typical Cisco craziness but thought I'd pass it on for your consideration. Thanks for making mpd!

1 Attachments
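
A check for the two conditions described in the report above, as an added example that is not part of the original ticket, the attached patch, or mpd: it walks the AVPs of an L2TPv2 control message using the RFC 2661 AVP layout and lists hidden AVPs in an SCCRQ and SCCRQ-style AVPs repeated in an SCCCN. The function names and the sample messages are constructed for illustration.

```python
import struct
# AVP attribute types and message types as assigned in RFC 2661 (vendor ID 0).
AVP_NAMES = {0: "Message Type", 2: "Protocol Version", 3: "Framing Capabilities",
             7: "Host Name", 9: "Assigned Tunnel ID", 36: "Random Vector"}
SCCRQ, SCCCN = 1, 3
SCCRQ_STYLE = {2, 3, 7, 9}  # the AVPs the report says mpd repeats in SCCCN

def parse_avps(msg):
    """Return [(attr_type, hidden, value)] for the IETF AVPs of one control message."""
    flags, length = struct.unpack_from("!HH", msg, 0)
    if not flags & 0x8000 or flags & 0x000F != 2 or not 12 <= length <= len(msg):
        raise ValueError("not a complete L2TPv2 control message")
    avps, off = [], 12  # 12-byte control header: flags, length, tunnel, session, Ns, Nr
    while off < length:
        if off + 6 > length:
            raise ValueError("truncated AVP header")
        bits, vendor, attr = struct.unpack_from("!HHH", msg, off)
        alen = bits & 0x03FF  # low 10 bits: AVP length including its 6-byte header
        if alen < 6 or off + alen > length:
            raise ValueError("bad AVP length")
        if vendor == 0:
            avps.append((attr, bool(bits & 0x4000), msg[off + 6:off + alen]))  # 0x4000 = H bit
        off += alen
    return avps

def interop_findings(msg):
    """List hidden AVPs in an SCCRQ and SCCRQ-style AVPs present in an SCCCN."""
    avps = parse_avps(msg)
    if not avps or avps[0][0] != 0 or len(avps[0][2]) != 2:
        raise ValueError("first AVP must be Message Type")
    mtype = struct.unpack("!H", avps[0][2])[0]
    out = []
    for attr, hidden, _ in avps[1:]:
        name = AVP_NAMES.get(attr, "type %d" % attr)
        if mtype == SCCRQ and hidden:
            out.append("SCCRQ hidden: " + name)
        elif mtype == SCCCN and attr in SCCRQ_STYLE:
            out.append("SCCCN extra: " + name)
    return out

# Constructed sample messages (not captured traffic); hidden values are dummy bytes.
def avp(attr, value, hidden=False):
    return struct.pack("!HHH", 0x8000 | (0x4000 if hidden else 0) | (6 + len(value)), 0, attr) + value
def control(*avps):
    body = b"".join(avps)
    return struct.pack("!HHHHHH", 0xC802, 12 + len(body), 0, 0, 0, 0) + body

SAMPLE_SCCRQ = control(avp(0, b"\x00\x01"), avp(2, b"\x01\x00"), avp(36, b"\x11" * 16),
                       avp(7, b"\xaa" * 8, hidden=True), avp(9, b"\xbb" * 6, hidden=True))
SAMPLE_SCCCN = control(avp(0, b"\x00\x03"), avp(2, b"\x01\x00"), avp(7, b"mpd"), avp(9, b"\x00\x2a"))
```
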

Discussion

  • Anonymous

    Anonymous - 2014-01-06

    It appears #1 is also a problem with Juniper per bug #38.

     
  • Eugene Grosbein

    Eugene Grosbein - 2017-11-05
    • labels: --> l2tp
    • Group: -->
     
  • Dmitry S. Lukhtionov

    https://www.cisco.com/c/en/us/td/docs/ios/vpdn/command/reference/vpd_book/vpd_l1.html

    l2tp hidden

    To enable Layer 2 Tunneling Protocol (L2TP) attribute-value (AV) pair hiding, which encrypts the value of sensitive AV pairs, use the l2tp hidden command in VPDN group or VPDN template configuration mode. To disable L2TP AV pair value hiding, use the no form of this command.

     
