Vladimir Pilipchuk, 2018-01-19 13:55:32
Cisco

What are the limitations of L2TP connections on the Cisco ASR1002F?

I ran into a strange limitation on the Cisco ASR1002F with ESP5: a limit of 33 L2TP/IPsec tunnels.
The device in question has an L2TP server configured. The first 33 connected clients (out of 300) work; the rest show the tunnel status as Connected and are assigned an IP address, but there is no traffic inside the tunnel. If you disable any one client, the number of tunnels decreases, the 34th becomes the 33rd, and traffic inside the tunnel starts to flow.
What limitation am I running into?
The configuration is simple:

vpdn enable
!
vpdn-group L2TP
 ! Default L2TP VPDN group
 ! Default PPTP VPDN group
 description == Remote Branche Termination ==
 accept-dialin
  protocol any
  virtual-template 1
 no l2tp tunnel authentication
!
!
interface Virtual-Template1
 ip address 192.168.0.1 255.255.254.0
 ip mtu 1400
 ip ospf network point-to-point
 peer default ip address pool VPN_POOL
 no keepalive
 ppp authentication ms-chap-v2
!
router ospf 1
 router-id 192.168.0.1
 redistribute eigrp 1 metric 100 metric-type 1 subnets
 network 192.168.0.0 0.0.1.255 area 0
!
ip local pool VPN_POOL 192.168.0.2 192.168.1.254
!

1 answer(s)
Vladimir Pilipchuk, 2018-02-07
@SLIDERWEB

I'll answer my own question, just in case anyone cares.
This limitation is a bug (acknowledged by TAC) in a number of IOS-XE images. The issue has been resolved in Cisco IOS-XE 15.5(3)S6.
