Fault Symptom
The router functions as a LAC, and another vendor's device functions as an LNS. The tunnel parameters are delivered by the RADIUS server. The user device initiates PPPoE dialing. After successful user authentication, the LAC starts to set up a tunnel with the LNS.
After the configuration is complete, L2TP services are unavailable for the user. After the display l2tp tunnel command is run, the output shows that no tunnel is set up between the LAC and LNS.
Fault Analysis
1. Run the ping command to check the route between the LAC and LNS. The command output shows that the route is reachable.
2. Run the trace access-user command to check user dialing. The command output shows that the user passes authentication and the LAC sends a request to the LNS for setting up a tunnel. So, there is no problem with user dialing and authentication.
During the setup of the tunnel, however, a failure message is output by the LAC, which is as follows: "Failed to create L2TP session and notify server user down."
3. Check the tunnel parameters delivered by the RADIUS server together with the RADIUS vendor and confirm that the delivered tunnel parameters are correct.
4. Enable the debugging of L2TP on the LNS. The debugging result shows that the LNS receives an SCCRQ packet from the LAC and starts to set up a tunnel with the LAC. Before the tunnel is set up, the LNS receives another SCCRQ packet and considers this as an exception. As a result, the LNS stops the setup of the tunnel. As the process repeats, no tunnel is set up between the LAC and LNS.
It is confirmed that the LNS does not complete the setup of the tunnel before the tunnel timeout period expires on the LAC. Then, the LAC sends a request for setting up a tunnel again, which causes the LNS to stop the ongoing tunnel setup.
Procedure
1. Run the system-view to enter the system view.
2. Run the l2tp-group group-name command to enter the L2TP group view.
3. Run the tunnel timeout 5 command to set the tunnel timeout period to 5 seconds.
By default, the L2TP tunnel timeout period is 2 seconds. When the period is changed to 5 seconds, the fault is rectified.
Summary
The possible causes of the unsuccessful L2TP tunnel setup are as follows:
· The route between the LAC and LNS is unreachable.
· Dial-up users fail the authentication, and as a result, the LAC does not send a request to the LNS for setting up a tunnel.
· The tunnel parameters delivered by the RADIUS server are incorrect.
· The tunnel parameters set on the LNS and LAC do not match.
In this case, the fault is due to the last cause.
