Lab 3 PPP Over Atm v3.2

Lab 3
Configuring PPP over ATM
Overview
Description
In this lab, you configure the ERX as a B-RAS supporting PPP over ATM
clients. In this mode, a single client will be supported off a single ATM
subinterface or PVC.
Objectives
After completing this lab, you will be able to do the following:
• Configure the ERX as a Broadband Remote Access Server (B-RAS)
• Configure RADIUS authentication and accounting servers per virtual
router
• Configure ATM over a UT3 or UE3 controller
• Configure PPP over ATM interfaces on the ERX
• Create and apply a profile
• Configure logging on the ERX
• Verify the PPP over ATM configuration using logging and show
commands
Rev 3.2 3-1

Configuring PPP over ATM Lab 3
Logical Network Map
Client
DSL
Modem
Tyler@isp1.com
PPP Client
ISP1
U
ATM
T3/E3
RADIUS
DSL
Modem
PPP
Paul@isp2.com
ATM over
PPP Client
DSLAM Switch ATM ERX
DSL
Modem ISP2
Trish@isp2.com
PPP Client RADIUS
3-2 Rev 3.2 ERX B-RAS Configuration Basics

Lab 3 Initial ERX Configuration
Physical Network Map – Tear this page out!
Ux3
Slot ___ Client
Tyler@isp1.com SRP
/101
1 0 Slot ___
Clock Source 0 2 0/102 Paul@isp2.com
Internal Module
3 0/103 RADIUS returns:
ATM ISP1 Users
Trish@isp2.com •IP Address
UT3 or
UE3 default ISP2 Users
1 Tyler •IP Address
isp1.com
AT
M
Loop1 = 192.168.1.1/24
PV
RADIUS = 10.13.7.55 0
C
33
10.13.7.x/24
0/
2
33
IP Addr - See Chart

RADIUS
10.13.7.55/24
vr2
AT
M
Paul isp2.com
PV
C
Loop1 = 172.16.2.1/24
33
RADIUS = 10.13.7.55
0/3
3
Trish
IP Addr - See Chart
For Training Purposes Only Rev 3.2 3-3

Logical Network Map – Tear this page out!
Client
DSL
Modem
Tyler@isp1.com
PPP Client
ISP1
U
ATM
T3/E3
RADIUS
DSL
Modem
PPP
Paul@isp2.com
ATM over
PPP Client
DSLAM Switch ATM ERX
DSL
Modem ISP2
Trish@isp2.com
PPP Client RADIUS

Physical Network Map
Ux3
Slot ___ Client
Tyler@isp1.com SRP
/101
1 0 Slot ___
Clock Source 0 2 0/102 Paul@isp2.com
Internal Module
3 0/103 RADIUS returns:
ATM ISP1 Users
Trish@isp2.com •IP Address
UT3 or
UE3 default ISP2 Users
1 Tyler •IP Address
isp1.com
AT
M
Loop1 = 192.168.1.1/24
PV
RADIUS = 10.13.7.55 0
C
33
10.13.7.x/24
0/
2
33
IP Addr - See Chart

RADIUS
10.13.7.55/24
vr2
AT
M
Paul isp2.com
PV
C
Loop1 = 172.16.2.1/24
33
RADIUS = 10.13.7.55
0/3
3
Trish
IP Addr - See Chart

Initial ERX Configuration
Configuring the PPP over ATM Clients

In this lab, each ERX will act as several PPP over ATM clients using
special lab environment software. The clients will actually be located in a
separate virtual router on the ERX. The configuration file,
clientpppoa.cnf, is located on the flash card and will be used to
automatically configure this environment. We will simulate three xDSL
modems with a user per modem. Three PPP over ATM clients will be
configured.
1. Cable the ERX using the ERX Physical Network Map noting the slot
and port numbers on the map.
2. Configure the ERX to boot using the configuration file
clientpppoa.cnf specifying the once option.
3. Verify the boot settings.
4. Reload the ERX.
5. Verify that there are currently two virtual routers configured: the
default virtual router and the client virtual router.
6. Verify that 3 ATM PVCs have been configured.
7. Verify that 3 PPP interfaces have been configured. The state of the
interfaces should be passive.

Initial Default Router IP Configuration

We will first configure the Fast Ethernet interface in the default virtual
router on the ERX. This IP interface always resides in the default virtual
router. The RADIUS server for both virtual routers resides off this
Ethernet. Use the information found on the network map to complete the
following steps:
1. Switch to the default virtual router.
2. Configure the Management Fast Ethernet port using the IP address

and subnet mask found on the network map.
3. Configure a description for the Management Fast Ethernet such as

ERX# Mgmt Enet.
4. Test the IP interface using ping.
5. Verify that the RADIUS server is reachable using ping. Do not

continue until you can ping the RADIUS server.
6. Configure the default virtual router’s loopback interface using the IP

address and subnet mask found on the network map.
7. Configure the ERX for Telnet using the line vty command. Specify no
login to disable Telnet passwords.
8. Exit the line configuration mode.
9. Configure the ERX hostname.

Configuring isp1 for PPP over ATM

In this lab, we will configure global or box wide parameters and isp1’s
environment first and then verify this configuration.
Initial B-RAS Configuration

In this lab, isp1’s users will authenticate through the default router. The
RADIUS authentication server returns only the user’s IP address from an
IP address pool configured on the RADIUS server. All other information
required for connection establishment will be configured on the ERX.
Since isp1’s IP interfaces will reside in the default virtual router, static ip
interfaces will be configured. Profiles are ONLY required for IP interfaces
created in non-default virtual routers. Using this information as well as
information found on the network map, perform the following steps:
1. Configure a B-RAS license using the key provided by the instructor.
2. Configure an entry in the aaa domain map for isp1.com, including the
virtual router (default) and the loopback 1 interface.
3. Configure the RADIUS authentication server information for isp1 on

the ERX. Our RADIUS server uses UDP Port 1645. Ask the instructor
for the IP address of the RADIUS server as well as the RADIUS server
key.
4. Configure the RADIUS accounting server information for isp1 on the

ERX. Our RADIUS server uses UDP Port 1646. Ask the instructor for
the RADIUS server key.
5. Update the RADIUS source IP address. In this lab for the default
virtual router, the ERX should use the IP address of the management
Ethernet for all packets sent to the RADIUS server.
6. isp1’s clients will only receive their IP addresses from the RADIUS
authentication server. No local address pools are necessary.

Lab 3 Configuring isp1 for PPP over ATM
Configuring PPP over ATM

First we will configure the ATM interface on the ERX. Then we will
configure an ATM subinterface and PVC per modem or user. Each PVC
will be using PPP as the encapsulation method.
We will configure one PVC at a time. Then we will use the log and show
commands to verify that the PPP over ATM client is working properly.
Using the information found on the network map, perform the following
steps:
1. Configure the ATM interface on the UT3 or UE3 controller.
2. Configure the ATM subinterface for Tyler.
3. Configure the ATM PVC using aal5snap encapsulation for Tyler.
4. Configure the ATM subinterface for PPP encapsulation for Tyler.
5. Specify PPP CHAP authentication for Tyler.
6. Configure a static unnumbered IP interface, referencing Loopback 1.
7. Configure the IP interface to dynamically cache a host route in the IP

routing table using the ip access-routes command.
8. Exit configuration mode.

Configuring Logging
We will use the log to determine if the PPP /ATM client is working.
Perform the following steps to enable pppPacket logging for the PPP over
ATM subinterface just configured:
Viewing the Default ERX Logging Configuration
1. View the current log configuration settings using the show log config
command. Note the following:
♦ Severity level of the console: ___________________________________
♦ What is the default severity level for most categories? ____________
♦ What category has a different default severity level? _____________
♦ What is the severity level of pppPacket? ________________________
♦ Are there any filters listed for pppPacket? ______________________
♦ Are there any interfaces listed at the bottom of the show log
config display: _______________________________________________
2. Examine the ERX’s log stored in volatile memory using the following
commands and briefly note the results:
♦ show log data: ______________________________________________
♦ show log data severity 1:____________________________________
♦ Are any pppPacket events listed?_______________________________
♦ show log data category pppPacket severity 7: ______________

Lab 3 Configuring Logging
At this point, the ERX is not logging any pppPacket events for any
interfaces. We will now configure pppPacket logging on the PPP over
ATM subinterface just configured.
Initial ERX Logging Configuartion
1. Enter configuration mode.
2. Enable pppPacket DEBUG logging on the first PPP over ATM interface
configured. For example, to enable pppPacket DEBUG logging on the
PPP over ATM interface 12/0.1:
log severity debug pppPacket atm 5/1.1
4. Review the log configuration settings again. Keep in mind that you
could use CLI output filtering. Note the following:
♦ Severity level of pppPacket: ___________________________________
♦ Are there any interfaces listed at the bottom of the show log config
display? _____________________________________________________
_____________________________________________________________
Enabling the UT3 or UE3 Controller

Remember that by default, the UT3 or UE3 controller is disabled.
2. Enable the UT3 or UE3 interface using the no shutdown command.

Reviewing the ERX’s Log Stored in Volatile Memory

Review the log stored in volatile memory for the following sequence of
events:
1. Use the following commands and briefly note the results:
♦ Are any log messages appearing on the console? _________________
2. Perform the command show log data:
3. Perform the command show log data severity 7:
4. Perform the command show log data category pppPacket severity

7:
5. Examine the PPP LCP negotiation
♦ What LCP parameters were negotiated? ________________________
_____________________________________________________________
♦ Were the same LCP parameters negotiated in both directions? ____
_____________________________________________________________
6. PPP LCP CHAP challenge / response / success
♦ What name did the ERX use during the CHAP challenge? ________
_____________________________________________________________
♦ What name did the client use during the CHAP response? ________
_____________________________________________________________
♦ Was CHAP successful? ________________________________________

Lab 3 Configuring Logging
7. PPP ipNcp negotiation
♦ What IP address did the ERX use during ipNcp? ________________
♦ What IP address did the client initially use? ____________________
♦ Did the ERX agree to use the client’s initial IP address?__________
♦ What IP address did the client end up using? ___________________

Using Show Commands to Verify the Configuration
1. Verify that the client or subscriber is logged into the ERX:
show subscriber
show subscriber username ___________
2. Review the aaa domain map.
3. Determine if ATM cells are being transmitted and received:
show atm vc atm slot/port vcd
4. Determine if any PPP interfaces are up:
show ppp interface
show ppp interface state up
5. Determine if any PPP interfaces are down:
show ppp interface state down
6. Examine the PPP interface just configured:
show ppp interface | include slot/port.subinterface
show ppp interface full
show ppp interface full atm <interface>
7. Examine RADIUS statistics:
show radius statistics
8. Verify that the ERX is using the IP address of the Management

Ethernet interface for packets sent to the RADIUS server. This
address should not be 0.0.0.0. If it is, configure the ERX to update the
source IP address for any packets sent to the RADIUS server.
show radius update-source-addr
9. Examine the IP routing table:
show ip route
♦ Is the client’s IP address listed as a host route in the appropriate

virtual router’s IP routing table? _______________________________

Lab 3 Using Show Commands to Verify the Configuration
10. Baseline RADIUS statistics:
baseline radius
11. Examine RADIUS statistics:
show radius statistics
♦ Are the counters set to zero?___________________________________
12. Examine RADIUS statistics using the delta option:
show radius statistics delta
♦ Are the counters set to zero?___________________________________
13. Use the test aaa username password command to verify proper
RADIUS interaction:
test aaa tyler@isp1.com tyler
14. Examine RADIUS statistics again using the delta option:
show radius statistics delta
♦ Did the counters increment? ___________________________________

Logging to the Console

At this point, we have only logged to volatile memory. It is also possible to
log to the console in real-time.
2. Shutdown the UT3A or UE3A controller configured in this lab.
3. Configure the log destination to be the console with a severity of Debug

DEBUG or 7.
log destination console severity debug
5. Review the log configuration settings again. Note the following:
♦ Severity level of pppPacket:____________________________________
♦ Are there any interfaces listed at the bottom of the show log config
display?______________________________________________________
_____________________________________________________________
Enabling the UT3A or UE3A Controller.
2. Enable the UT3A or UE3A controller using the no shutdown

command.

Lab 3 Using Show Commands to Verify the Configuration
Reviewing the Log

At this point, the log messages should be displaying in real-time on the
console. Review the log for the following sequence of events:
1. Examine the PPP LCP negotiation again.
♦ What LCP parameters were negotiated? ________________________
_____________________________________________________________
♦ Were the same LCP parameters negotiated in both directions? ___
_____________________________________________________________
2. Examine the ERX’s log file in volatile memory using the show log
data category pppPacket severity 7 command:
♦ How many times was PPP negotiated in the log? ________________
3. Once Tyler successfully connects, copy the running configuration to a

file on the flash called pppatm.cnf.
4. pppPacket log messages will continue to appear on the console due to

PPP keepalive messages. Enter config mode and turn off all log filters
and lower the console severity level to Warning:
no log filters
log destination console severity 3

B-RAS Configuration for isp2
Initial Configuration for isp2

isp2 clients will authenticate through the vr2 virtual router, though in our
lab environment both ISPs are actually using the same RADIUS server.
Notice, however, that the RADIUS server is located off the Fast Ethernet
IP interface located in the default virtual router.
Using this information as well as information found on the network map,
perform the following steps:
1. Create the virtual router for isp2 called vr2.
2. In the vr2 virtual router, determine if the RADIUS server is reachable

using ping.
3. Examine vr2’s IP routing table.

Notice that the RADIUS server is not reachable from vr2 since this
virtual router does not have a route to the server. Remember that
layer 1 and layer 2 information is global or box-wide in nature, but
layer 3 information is specific to a virtual router.
Since the RADIUS server is located off the Fast Ethernet IP Interface
which resides in the default virtual router, we need to configure a link
between the default virtual router and vr2 to provide connectivity to
the RADIUS server.
4. Switch to the default virtual router.
5. In the default virtual router, use UT3A/TE3A port 0 and configure an

ATM PVC that will connect the default virtual router and vr2. Use the
information found on the network map. This PVC will use aal5snap
encapsulation.

Lab 3 B-RAS Configuration for isp2
6. Configure the ATM PVC for IP using the IP addresses found in the
following table:
ERX IP Address default Router IP Address vr2

ERX1 10.10.10.1/24 10.10.10.2/24
ERX2 20.20.20.1/24 20.20.20.2/24
ERX3 30.30.30.1/24 30.30.30.2/24
ERX4 40.40.40.1/24 40.40.40.2/24
ERX5 50.50.50.1/24 50.50.50.2/24
ERX6 60.60.60.1/24 60.60.60.2/24
ERX7 70.70.70.1/24 70.70.70.2/24
ERX8 80.80.80.1/24 80.80.80.2/24
7. Switch to the vr2 virtual router.
8. In vr2, use UT3A/UE3A Port 1 and configure an ATM PVC that will
connect vr2 and the default virtual router. Use the information found
on the network map and the above table. This PVC will use aal5snap
encapsulation.
9. Verify that the link is operational. Do not continue until the link is
operational.
♦ Can you ping the RADIUS server from the vr2 virtual router?
_____________________________________________________________
10. Examine the IP Routing table on the vr2 virtual router.
♦ Is the 10.13.7.0 network listed in vr2’s IP Routing Table?
_____________________________________________________________
11. In vr2, configure a static route to provide IP connectivity to the

RADIUS server. The instructor may need to verify that the RADIUS
server has a route as well.
12. Verify that the RADIUS server is reachable from vr2 using ping. Do
not continue until the RADIUS server is reachable from vr2.
13. Configure the vr2’s loopback interface using the IP address and subnet
mask found on the network map.

B-RAS Configuration for isp2

We will now configure the ERX to support isp2 for B-RAS.
Remember that isp2’s users will authenticate through the vr2 virtual
router. The RADIUS authentication server returns only the user’s IP
address from an IP address pool configured on the RADIUS server. All
other information required for connection establishment will be configured
on the ERX.
Using this information as well as information found on the network map,
perform the following steps:
1. Add an entry to the aaa domain map for isp2.com.
2. Configure the RADIUS authentication server information for isp2 on

the ERX. Our RADIUS server uses UDP Port 1645. Ask the instructor
for the IP address of the RADIUS server as well as the RADIUS server
key.
3. Configure the RADIUS accounting server information for isp2 on the

ERX. Our RADIUS server uses UDP Port 1646. Ask the instructor for
the RADIUS server key.
4. Update the RADIUS source IP address. In this lab for virtual router
vr2, the ERX should use the IP address of the ATM interface located in
vr2 for all packets sent to the RADIUS server.
5. Test your RADIUS configuration using the test aaa command. Paul’s
password is paul and Trish’s password is trish.
♦ Is the test aaa command successful for both Paul and Trish?
_____________________________________________________________
If the test aaa command is not successful, please review and verify
your RADIUS configuration.

Lab 3 B-RAS Configuration for isp2
6. isp2’s clients will only receive their IP addresses from the RADIUS
authentication server. No local address pools are necessary.
7. Shutdown both UT3 or UE3 controllers being used for PPP over ATM.
Normally this step would not be necessary. This step is simply to aid in
learning and troubleshooting in our lab environment.
8. Create a profile called ip-only that will be used for isp2’s clients. This
profile will only define IP configuration information, specifically an IP
host route in the routing table using the command ip access-route.
♦ Based on the information above, in which virtual router will the

ERX dynamically create the IP Interfaces for isp2’s users or clients?
_____________________________________________________________
_____________________________________________________________
♦ In this configuration, what parameter determined the virtual router

assignment for dynamically created IP Interfaces for isp2? _______
_____________________________________________________________
♦ What are the two other methods the ERX could use to determine
which virtual router to use for isp2’s Dynamic IP Interfaces or
users?
_____________________________________________________________
_____________________________________________________________
9. Exit the profile configuration mode.
10. Using the section Configuring PPP over ATM as a reference,

configure isp2’s PPP over ATM interfaces for Paul and Trish on the
same UT3 or UE3 controller. INSTEAD of statically defining the IP
Interface and statically configuring an ip access-route (Step 6 & 7),
apply the ip-only profile just configured, specifying the ip protocol.
11. Using the sections Configuring Logging and Using Show

Commands to Verify the Configuration, verify that Tyler, Paul and
Trish were able to connect.

Sample PPP over ATM Configuration File – ERX6

ERX6#show config
! Configuration script being generated on WED NOV 28 2001 13:06:00 UTC
! Unisphere Edge Routing Switch ERX-700
! Version: 3.2.1 patch-1.1 (October 22, 2001 14:54)
! Copyright (c) 1999-2001 Unisphere Networks, Inc. All rights reserved.
boot config running-configuration
boot system 3-2-1p1-1.rel
no boot backup
no boot subsystem
no boot backup subsystem
no boot force-backup
no boot slot
!
! Note: The following commands are here to ensure that all virtual routers
and
! vrfs are created before other commands that may need to reference them.
! These commands will be repeated further on as each virtual router and vrf
! has its configuration presented.
!
virtual-router default
virtual-router client
virtual-router vr2
!
!
license b-ras DeMo
aaa domain-map "isp1.com"
loopback 1
!
aaa domain-map "isp2.com"
virtual-router vr2
loopback 1
!
hostname ERX6
service ctrl-x-reboot
exception protocol ftp anonymous null
!
controller t1 2/0
controller t1 2/1
controller t1 2/2
controller t1 2/3
controller t1 2/4
controller t1 2/5
controller t1 2/6
controller t1 2/7
controller t1 2/8
controller t1 2/9
controller t1 2/10
controller t1 2/11
controller t1 2/12
Lab 3 Sample PPP over ATM Configuration File – ERX6
controller t1 2/13
controller t1 2/14
controller t1 2/15
controller t1 2/16
controller t1 2/17
controller t1 2/18
controller t1 2/19
controller t1 2/20
controller t1 2/21
controller t1 2/22
controller t1 2/23
!
controller t3 5/0
no shutdown
clock source internal module
!
controller t3 5/1
no shutdown
!
controller t3 5/2
controller t3 4/0
controller t3 4/1
controller t3 4/2
controller sonet 6/0
!
controller sonet 6/1
!
!
line console 0
line vty 0 4
no login
!
log engineering
log verbosity low
log destination console severity error
no log engineering
log fields timestamp instance no-calling-task
!
bandwidth oversubscription
profile default
profile "ip-only"
!
aaa authentication ppp default radius
aaa accounting ppp default radius
!
ip address-pool local
interface null 0
interface loopback 1
ip address 192.168.1.1 255.255.255.0
!
interface atm 5/0

no shutdown
atm clock internal module
!
interface atm 5/0.33 point-to-point
atm pvc 33 0 33 aal5snap 0 0 0
ip address 60.60.60.1 255.255.255.0
!
interface atm 5/1
no shutdown
!
encapsulation ppp
ppp authentication chap
ip unnumbered loopback 1
ip access-routes
!
encapsulation ppp
profile ip "ip-only"
!
encapsulation ppp
profile ip "ip-only"
!
interface fastEthernet 0/0
description ERX6 mgmt enet
ip address 10.13.7.16 255.255.255.0
!
radius authentication server 10.13.7.55
udp-port 1645
key training
!
radius accounting server 10.13.7.55
udp-port 1646
key training
!
radius update-source-addr 10.13.7.16
!
snmp-server
!
!
===========================================================================
===
virtual-router client

Lab 3 Sample PPP over ATM Configuration File – ERX6
!
interface null 0
ip address 9.9.9.9 255.255.255.255
!
encapsulation ppp
!
encapsulation ppp
!
encapsulation ppp
!
ip bgp-community new-format
no ip source-route
!
snmp-server
!
!
===========================================================================
===
virtual-router vr2
!
interface null 0
ip address 172.16.2.1 255.255.255.0
!
ip address 60.60.60.2 255.255.255.0
!
ip route 10.13.7.0 255.255.255.0 atm5/1.33
ip bgp-community new-format
no ip source-route
!
radius authentication server 10.13.7.55
udp-port 1645
key training
!
radius accounting server 10.13.7.55

udp-port 1646
key training
!
radius update-source-addr 60.60.60.2
!
snmp-server
!
! End of generated configuration script.
ERX6#

Lab 3 Sample Configuration Steps – ERX1
Sample Configuration Steps – ERX1

ERX-00-11-00#show vir
Virtual Router : default
Virtual Router : client
ERX-00-11-00#show atm vc
Cate In Sta
Interface VCD VPI VCI Encap gory Peak Avg Burst ARP tus
--------- --- --- --- ----- ---- ---- --- ----- --- ---
ATM 5/0.1 1 0 101 SNAP UBR 0 0 0 No UP
ATM 5/0.2 2 0 102 SNAP UBR 0 0 0 No UP
ATM 5/0.3 3 0 103 SNAP UBR 0 0 0 No UP
ERX-00-11-00#show ppp int

PPP interface atm 5/0.1 is passive (max configure exceeded)
3 ppp interfaces found
% No mlppp interfaces found
ERX-00-11-00#conf t
Enter configuration commands, one per line. End with ^Z.
ERX-00-11-00(config)#int fast 0/0
ERX-00-11-00(config-if)#ip address 10.13.7.16 255.255.255.0
ERX-00-11-00(config-if)#desc ERX6 mgmt enet
ERX-00-11-00(config-if)#end
ERX-00-11-00#ping 10.13.7.16
Sending 5 ICMP echos to 10.13.7.16, timeout = 2 sec.
!!!!!
Success rate = 100% (5/5), round-trip min/avg/max = 0/0/1 ms
ERX-00-11-00#ping 10.13.7.55
!!!!!
ERX-00-11-00#conf t
ERX-00-11-00(config)#int loop 1
ERX-00-11-00(config-if)#ip add 192.168.1.1 255.255.255.0
ERX-00-11-00(config-if)#line vty 0 4
ERX-00-11-00(config-line)#no login
ERX-00-11-00(config-line)#hostname ERX6
ERX6(config)#license b-ras DeMo
NOTICE: The Subscriber Management Feature Pack software installed on this
system is licensed to support a specific number of simultaneous
xDSL
users. Configuration or operational support for more concurrent
users
than what has been purchased is in direct violation of the product
license agreement.
Proceed with 'license b-ras' command? [confirm]
license for 100 subscribers configured.

ERX6(config)#aaa domain-map isp1.com default loopback 1
ERX6(config)#radius authentication server 10.13.7.55

ERX6(config-radius)#udp-port 1645
ERX6(config-radius)#key training
ERX6(config-radius)#exit
ERX6(config)#radius accounting server 10.13.7.55
ERX6(config-radius)#udp 1646
ERX6(config-radius)#key training
ERX6(config-radius)#exit
ERX6(config)#radius update
ERX6(config)#radius update-source-addr 10.13.7.16
ERX6(config)#interface atm 5/1
ERX6(config-if)#interface atm 5/1.1
ERX6(config-subif)#atm pvc 1 0 101 aal5snap
ERX6(config-subif)#encap ppp
ERX6(config-subif)#ppp authentication chap
ERX6(config-subif)#ip unnumbered loop 1
ERX6(config-subif)#ip access-route
ERX6(config-subif)#end
ERX6#show log config
log destination console severity WARNING
log destination nv-file severity CRITICAL
no log engineering
log here
no log severity
category severity verbosity filters notes

------------------------- -------- --------- ------- -----
NameResolverLog ERROR low
aaaAtm1483Cfg ERROR low
aaaEngineGeneral ERROR low
aaaServerGeneral ERROR low
aaaUserAccess ERROR low
addressServerGeneral ERROR low
atm ERROR low
atm1483 ERROR low
atmAal5 ERROR low
bgpConnections ERROR low
bgpDampening ERROR low
bgpEvents ERROR low
bgpGeneral ERROR low
bgpKeepAlives ERROR low
bgpMessages ERROR low
bgpNeighborChanges NOTICE low
bgpRoutes ERROR low
bgpVpn ERROR low
bridgedEthernet ERROR low
bulkStats ERROR low
cacGeneral ERROR low
cacIntf ERROR low
cbf ERROR low
cbfEngine ERROR low

cliCommand NOTICE low

controlNetworkSlave ERROR low
cops ERROR low
crldpGeneral ERROR low
ctreeLog ERROR low
dcm ERROR low
dcmEngineGeneral ERROR low
dhcpGeneral ERROR low
dhcpLocalServerGeneral ERROR low
dhcpProxyGeneral ERROR low
dhcpRelayGeneral ERROR low
dnsGeneralLog ERROR low
ds1 ERROR low
ds3 ERROR low
dvmrpGeneral ERROR low
dvmrpMcastTable ERROR low
dvmrpProbeRcv ERROR low
dvmrpProbeSent ERROR low
dvmrpRtTable ERROR low
ethernet ERROR low
frameRelay ERROR low
fsAgent ERROR low
ft1 ERROR low
ftpClient ERROR low
ftpServer ERROR low
ftpdEngineering ERROR low
gplaan ERROR low
hdlc ERROR low
httpServer ERROR low
icmpTraffic ERROR low
igmpGeneral ERROR low
ipEngine ERROR low
ipGeneral ERROR low
ipInterface ERROR low
ipNhopTrackerGeneral ERROR low
ipProfileMgr ERROR low
ipRoutePolicy ERROR low
ipRouteTable ERROR low
ipTraffic ERROR low
ipTunnel ERROR low
isisAdjChange ERROR low
isisAdjPackets ERROR low
isisChecksumErr ERROR low
isisGeneral ERROR low
isisLocalUpdate ERROR low
isisMplsTeAdvertisements ERROR low
isisMplsTeEvents ERROR low
isisProtocolErr ERROR low
isisSnpPackets ERROR low
isisSpfEvents ERROR low
isisSpfPackets ERROR low
isisSpfStatistics ERROR low

isisSpfTriggers ERROR low

isisUpdatePackets ERROR low
l2f ERROR low
l2fIpLowerBinding ERROR low
l2fStateMachine ERROR low
l2tp ERROR low
l2tpIpLowerBinding ERROR low
l2tpStateMachine ERROR low
localAddressServerGeneral ERROR low
localLinePassword ERROR low
lsmGeneral ERROR low
mgtmGeneral ERROR low
mplsAppService ERROR low
mplsGeneral ERROR low
mplsMajorInterface ERROR low
mplsMinorInterface ERROR low
mtraceLog ERROR low
mtraceRcvdLog ERROR low
mtraceSentLog ERROR low
multicastTraffic ERROR low
noneAaaAddrServer ERROR low
noneAaaServer ERROR low
ntpGeneral ERROR low
onlineDiag ERROR low
os NOTICE low
ospfElectDr ERROR low
ospfGeneral ERROR low
ospfInterface ERROR low
ospfLsa ERROR low
ospfNeighbor ERROR low
ospfPktsRcvd ERROR low
ospfPktsSent ERROR low
ospfRoute ERROR low
ospfSpfExt ERROR low
ospfSpfInter ERROR low
ospfSpfIntra ERROR low
ospfTeDatabase ERROR low
ospfTeSpf ERROR low
pimAutoRPRcvdLog ERROR low
pimAutoRPSentLog ERROR low
pimHelloRcvdLog ERROR low
pimHelloSentLog ERROR low
pimPktsRcvdLog ERROR low
pimPktsSentLog ERROR low
policyMgrAttachment ERROR low
policyMgrGeneral ERROR low
policyMgrPacketLog ERROR low
ppp ERROR low
pppPacket --- low
pppStateMachine --- low
pppoe ERROR low
pppoeControlPacket --- low

profileMgr ERROR low

radiusAttributes ERROR low
radiusClient ERROR low
remOps ERROR low
ripGeneral ERROR low
ripRoute ERROR low
ripRtTable ERROR low
rsvpGeneral ERROR low
security INFO low
slep ERROR low
smds ERROR low
snmp ERROR low
snmpPduAudit ERROR low
snmpSetPduAudit ERROR low
sonet ERROR low
sonetPath ERROR low
sonetVT ERROR low
ssccDetailPm ERROR low
ssccDetailSsc ERROR low
ssccGeneral ERROR low
ssh ERROR low
system ERROR low
tcpGeneral ERROR low
tcpTraffic ERROR low
telnet ERROR low
testExec ERROR low
tsm ERROR low
udpTraffic ERROR low
vrfVpnMgrGeneralLog ERROR low
ERX6#show log data

*** stored log messages ***
*** log: all
*** severity: ERROR and higher
*** no baseline
ERX6#show log data severity 1

*** log: all
*** severity: ALERT and higher
*** no baseline

*** log: all
*** severity: CRITICAL and higher
*** no baseline

*** log: all
*** severity: ERROR and higher

*** no baseline

*** log: all
*** severity: WARNING and higher
*** no baseline
WARNING 11/28/2001 12:14:09 os: Persistent log list pointers not set at
prior
reboot. *** RESETTING PERSISTENT LOGS ***
*** log: all
*** severity: NOTICE and higher
*** no baseline
prior
NOTICE 11/28/2001 12:14:16 os: srp boot, build date: 0x3bd09bd7 (FRI OCT 19
2001 21:32:07 UTC)
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: (2) BootImageLoaderOsAppReg
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: (2) boot
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: (2) cli
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: done.
NOTICE 11/28/2001 12:14:45 os: Persistent logs restored.
NOTICE 11/28/2001 12:14:45 osBuffer: OsBuffer initialized
NOTICE 11/28/2001 12:14:45 os: config -- using running
NOTICE 11/28/2001 12:14:45 linkFs: link file system initialized, 0 links
found
NOTICE 11/28/2001 12:15:04 os: srp diagnostics, build date: 0x3bd09d89 (FRI
OCT
19 2001 21:39:21 UTC)

*** log: all
*** severity: INFO and higher
*** no baseline
prior
NOTICE 11/28/2001 12:14:16 os: srp boot, build date: 0x3bd09bd7 (FRI OCT 19
2001 21:32:07 UTC)
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: (2) BootImageLoaderOsAppReg
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: (2) boot
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: (2) cli
NOTICE 11/28/2001 12:14:16 os: OsAppRegistrar: done.
NOTICE 11/28/2001 12:14:45 os: Persistent logs restored.
NOTICE 11/28/2001 12:14:45 osBuffer: OsBuffer initialized

NOTICE 11/28/2001 12:14:45 os: config -- using running

NOTICE 11/28/2001 12:14:45 linkFs: link file system initialized, 0 links
found
NOTICE 11/28/2001 12:15:04 os: srp diagnostics, build date: 0x3bd09d89 (FRI
OCT
19 2001 21:39:21 UTC)
ERX6#show log data category pppPacket severity 7

*** log: pppPacket
*** severity: DEBUG and higher
*** no baseline
ERX6#conf t
ERX6(config)#log sev debug pppPacket atm 5/1.1
ERX6(config)#exit
ERX6#show log config
log destination console severity WARNING
log destination nv-file severity CRITICAL
no log engineering
log here
no log severity
category severity verbosity filters notes

------------------------- -------- --------- ------- -----
NameResolverLog ERROR low
aaaAtm1483Cfg ERROR low
aaaEngineGeneral ERROR low
aaaServerGeneral ERROR low
aaaUserAccess ERROR low
addressServerGeneral ERROR low
atm ERROR low
atm1483 ERROR low
atmAal5 ERROR low
bgpConnections ERROR low
bgpDampening ERROR low
bgpEvents ERROR low
bgpGeneral ERROR low
bgpKeepAlives ERROR low
bgpMessages ERROR low
bgpNeighborChanges NOTICE low
bgpRoutes ERROR low
bgpVpn ERROR low
bridgedEthernet ERROR low
bulkStats ERROR low
cacGeneral ERROR low
cacIntf ERROR low
cbf ERROR low
cbfEngine ERROR low
cliCommand NOTICE low

controlNetworkSlave ERROR low

cops ERROR low
crldpGeneral ERROR low
ctreeLog ERROR low
dcm ERROR low
dcmEngineGeneral ERROR low
dhcpGeneral ERROR low
dhcpLocalServerGeneral ERROR low
dhcpProxyGeneral ERROR low
dhcpRelayGeneral ERROR low
dnsGeneralLog ERROR low
ds1 ERROR low
ds3 ERROR low
dvmrpGeneral ERROR low
dvmrpMcastTable ERROR low
dvmrpProbeRcv ERROR low
dvmrpProbeSent ERROR low
dvmrpRtTable ERROR low
ethernet ERROR low
frameRelay ERROR low
fsAgent ERROR low
ft1 ERROR low
ftpClient ERROR low
ftpServer ERROR low
ftpdEngineering ERROR low
gplaan ERROR low
hdlc ERROR low
httpServer ERROR low
icmpTraffic ERROR low
igmpGeneral ERROR low
ipEngine ERROR low
ipGeneral ERROR low
ipInterface ERROR low
ipNhopTrackerGeneral ERROR low
ipProfileMgr ERROR low
ipRoutePolicy ERROR low
ipRouteTable ERROR low
ipTraffic ERROR low
ipTunnel ERROR low
isisAdjChange ERROR low
isisAdjPackets ERROR low
isisChecksumErr ERROR low
isisGeneral ERROR low
isisLocalUpdate ERROR low
isisMplsTeAdvertisements ERROR low
isisMplsTeEvents ERROR low
isisProtocolErr ERROR low
isisSnpPackets ERROR low
isisSpfEvents ERROR low
isisSpfPackets ERROR low
isisSpfStatistics ERROR low
isisSpfTriggers ERROR low

isisUpdatePackets ERROR low

l2f ERROR low
l2fIpLowerBinding ERROR low
l2fStateMachine ERROR low
l2tp ERROR low
l2tpIpLowerBinding ERROR low
l2tpStateMachine ERROR low
localAddressServerGeneral ERROR low
localLinePassword ERROR low
lsmGeneral ERROR low
mgtmGeneral ERROR low
mplsAppService ERROR low
mplsGeneral ERROR low
mplsMajorInterface ERROR low
mplsMinorInterface ERROR low
mtraceLog ERROR low
mtraceRcvdLog ERROR low
mtraceSentLog ERROR low
multicastTraffic ERROR low
noneAaaAddrServer ERROR low
noneAaaServer ERROR low
ntpGeneral ERROR low
onlineDiag ERROR low
os NOTICE low
ospfElectDr ERROR low
ospfGeneral ERROR low
ospfInterface ERROR low
ospfLsa ERROR low
ospfNeighbor ERROR low
ospfPktsRcvd ERROR low
ospfPktsSent ERROR low
ospfRoute ERROR low
ospfSpfExt ERROR low
ospfSpfInter ERROR low
ospfSpfIntra ERROR low
ospfTeDatabase ERROR low
ospfTeSpf ERROR low
pimAutoRPRcvdLog ERROR low
pimAutoRPSentLog ERROR low
pimHelloRcvdLog ERROR low
pimHelloSentLog ERROR low
pimPktsRcvdLog ERROR low
pimPktsSentLog ERROR low
policyMgrAttachment ERROR low
policyMgrGeneral ERROR low
policyMgrPacketLog ERROR low
ppp ERROR low
pppPacket --- low 1
pppStateMachine --- low
pppoe ERROR low
pppoeControlPacket --- low
profileMgr ERROR low

radiusAttributes ERROR low

radiusClient ERROR low
remOps ERROR low
ripGeneral ERROR low
ripRoute ERROR low
ripRtTable ERROR low
rsvpGeneral ERROR low
security INFO low
slep ERROR low
smds ERROR low
snmp ERROR low
snmpPduAudit ERROR low
snmpSetPduAudit ERROR low
sonet ERROR low
sonetPath ERROR low
sonetVT ERROR low
ssccDetailPm ERROR low
ssccDetailSsc ERROR low
ssccGeneral ERROR low
ssh ERROR low
system ERROR low
tcpGeneral ERROR low
tcpTraffic ERROR low
telnet ERROR low
testExec ERROR low
tsm ERROR low
udpTraffic ERROR low
vrfVpnMgrGeneralLog ERROR low
log severity DEBUG pppPacket atm 5/1.1

ERX6#conf t
ERX6(config)#cont t3 5/1
ERX6(config-controll)#no shutdown
ERX6(config-controll)#end
ERX6#show log data cat pppPacket sev 7
*** log: pppPacket
*** severity: DEBUG and higher
*** no baseline
DEBUG 11/28/2001 12:46:35 pppPacket (interface atm 5/1.1): time: 0.00, tx

lcp
confReq, id = 40, length = 19, mru = 9178, authentication = chap MD5,
magicNumber = 0x070c43db
DEBUG 11/28/2001 12:46:35 pppPacket (interface atm 5/1.1): time: 0.00, rx
lcp
confReq, id = 60, length = 14, mru = 9178, magicNumber = 0x7553a501
lcp
confAck, id = 60, length = 14, mru = 9178, magicNumber = 0x7553a501


lcp
confAck, id = 40, length = 19, mru = 9178, authentication = chap MD5,
magicNumber = 0x070c43db
chap
challenge, id = 172, length = 39, challenge length = 30, challenge = 6e c0
41
2a 50 7a 23 60 8f 43 b5 0b 8f 9e 90 29 72 ae c0 6c cb f6 ef 2e 01 ab 99 3b
c8
6d, name = 'ERX6' 45 52 58 36
chap
response, id = 172, length = 35, response length = 16, response = 5d ed 51
8c
0b aa 4c 03 d2 69 b4 d2 4a b9 49 1e, name = 'tyler@isp1.com' 74 79 6c 65 72
40
69 73 70 31 2e 63 6f 6d
chap
success, id = 172, length = 4
ipNcp
confReq, id = 244, length = 10, ipAddress = 192.168.1.1
ipNcp
ipNcp
confNak, id = 96, length = 10, ipAddress = 192.168.1.2
ipNcp
confAck, id = 244, length = 10, ipAddress = 192.168.1.1
ipNcp
ipNcp
confAck, id = 97, length = 10, ipAddress = 192.168.1.2
ERX6#show subscriber
Subscriber List
---------------
Addr Virtual
User Name IP Address Source Router
-------------------------------- --------------- ------ ------------
tyler@isp1.com 192.168.1.2 radius default
User Name Interface Login Time

-------------------------------- ------------------ -------------------
tyler@isp1.com atm 5/1.1 01/11/28 12:46:34

ERX6#show aaa dom
Domain: isp1.com; virtual-router: default; loopback: 1
ERX6#show atm vc atm 5/1 1

ATM 5/1.1: VCD: 1, VPI: 0, VCI: 101, Encap: SNAP
Service Type: Ubr
Inverse ARP enable: No
InPackets: 8
InBytes: 162
InCells: 9
OutPackets: 9
OutBytes: 176
OutCells: 10
InErrors: 0
OutErrors: 0
InPacketDiscards: 0
InByteDiscards: 0
CrcErrors: 0
SAR time-outs: 0
Over-sized SDUs: 0
OAM VC verification: disabled
OAM VC status: not managed
InOamF5Cells: 0
InOamCellDiscards: 0
InF5EndLoopCells: 0
InF5SegLoopCells: 0
InF5AisCells: 0
InF5RdiCells: 0
OutOamF5Cells: 0
OutF5EndLoopCells: 0
OutF5SegLoopCells: 0
OutF5RdiCells: 0
Circuit is UP, time since last change: 00:01:32
ERX6#show ppp int
PPP interface atm 5/0.1 is up
ERX6#show ppp int state up
ERX6#show ppp int state down
% No matching ppp interfaces found
ERX6#show ppp int state passive


ERX6#show radius stat
RADIUS Authentication Statistics
--------------------------------
Statistic 10.13.7.55
------------------- ----------
UDP Port 1645
Round Trip Time 72
Access Requests 1
Rollover Requests 0
Retransmissions 0
Access Accepts 1
Access Rejects 0
Access Challenges 0
Malformed Responses 0
Bad Authenticators 0
Requests Pending 0
Request Timeouts 0
Unknown Responses 0
Packets Dropped 0
RADIUS Accounting Statistics

----------------------------
------------------- ----------
UDP Port 1646
Round Trip Time 53
Accounting Requests 2
Rollover Requests 1
Retransmissions 4
Responses 2
Requests Pending 0
Request Timeouts 5
Unknown Responses 0
Packets Dropped 0
ERX6#show ip route
Protocol/Route type codes:
I1- ISIS level 1, I2- ISIS level2,
I- route type intra, IA- route type inter, E- route type external,
i- metric type internal, e- metric type external,
O- OSPF, E1- external type 1, E2- external type2,
N1- NSSA external type1, N2- NSSA external type2
Prefix/Length Type Next Hop Dist/Met Intf

------------------ ------- --------------- -------------- -----------------

---
10.13.7.0/24 Connect 10.13.7.16 0/1 fastEthernet0/0
192.168.1.0/24 Connect 192.168.1.1 0/1 loopback1
192.168.1.2/32 AccInte 0.0.0.0 2/1 atm5/1.1
rn
ERX6#baseline radius
ERX6#show radius stat
--------------------------------
------------------- ----------
UDP Port 1645
Round Trip Time 72
Access Requests 1
Rollover Requests 0
Retransmissions 0
Access Accepts 1
Access Rejects 0
Access Challenges 0
Requests Pending 0
Request Timeouts 0
Unknown Responses 0
Packets Dropped 0

----------------------------
------------------- ----------
UDP Port 1646
Round Trip Time 53
Rollover Requests 1
Retransmissions 4
Responses 2
Requests Pending 0
Request Timeouts 5
Unknown Responses 0
Packets Dropped 0
ERX6#show radius stat delta

--------------------------------
------------------- ----------

UDP Port 1645

Round Trip Time 72
Access Requests 0
Rollover Requests 0
Retransmissions 0
Access Accepts 0
Access Rejects 0
Access Challenges 0
Requests Pending 0
Request Timeouts 0
Unknown Responses 0
Packets Dropped 0
Statistics baseline set WED NOV 28 2001 12:50:28 UTC

----------------------------
------------------- ----------
UDP Port 1646
Round Trip Time 53
Rollover Requests 0
Retransmissions 0
Responses 0
Requests Pending 0
Request Timeouts 0
Unknown Responses 0
Packets Dropped 0
ERX6#test aaa tyler@isp1.com tyler

Authentication Grant
idle Timeout - 0
session Timeout - 0
accounting Timeout - 0
Client IP Address - 192.168.1.3
Client IP Netmask - 255.255.255.255
primary DNS IP Address - 0.0.0.0
secondary DNS IP Address - 0.0.0.0
primary WINS IP Address - 0.0.0.0
secondary WINS IP Address - 0.0.0.0
SA Validate - disabled
IGMP - disabled
router context - default
local interface - 1
pausing 5 seconds before disconnecting test user, tyler@isp1.com

ERX6#show radius stat delta

--------------------------------
------------------- ----------
UDP Port 1645
Round Trip Time 16
Access Requests 1
Rollover Requests 0
Retransmissions 0
Access Accepts 1
Access Rejects 0
Access Challenges 0
Requests Pending 0
Request Timeouts 0
Unknown Responses 0
Packets Dropped 0

----------------------------
------------------- ----------
UDP Port 1646
Round Trip Time 33
Rollover Requests 0
Retransmissions 0
Responses 2
Requests Pending 0
Request Timeouts 0
Unknown Responses 0
Packets Dropped 0
ERX6#conf t
ERX6(config)#log destination console sev debug
ERX6(config)#cont t3 5/1
ERX6(config-controll)#shut
ERX6(config-controll)#no shut
ERX6(config-controll)#DEBUG 11/28/2001 12:52:57 pppPacket (interface atm
5/1.1):
time: 383.20, tx lcp confReq, id = 45, length = 19, mru = 9178,
authentication
= chap MD5, magicNumber = 0x05cee177


lcp
confReq, id = 65, length = 14, mru = 9178, magicNumber = 0x3357ac87
lcp
confAck, id = 65, length = 14, mru = 9178, magicNumber = 0x3357ac87
lcp
confAck, id = 45, length = 19, mru = 9178, authentication = chap MD5,
magicNumbe
r = 0x05cee177
chap
challenge, id = 173, length = 25, challenge length = 16, challenge = 0f 76
2d c
c 4b c2 00 94 dc 0b 45 f2 92 5d 50 8b, name = 'ERX6' 45 52 58 36
chap
response, id = 173, length = 35, response length = 16, response = c9 c6 4a
52 6
f 4b f4 af f0 7d d1 ed c9 85 f3 35, name = 'tyler@isp1.com' 74 79 6c 65 72
40 69
73 70 31 2e 63 6f 6d
chap
success, id = 173, length = 4
ipNc
p confReq, id = 245, length = 10, ipAddress = 192.168.1.1
ipNc
ipNc
p confNak, id = 98, length = 10, ipAddress = 192.168.1.4
ipNc
p confAck, id = 245, length = 10, ipAddress = 192.168.1.1
ipNc
ipNc
p confAck, id = 99, length = 10, ipAddress = 192.168.1.4
ERX6(config-controll)#end
ERX6#show subsc
Subscriber List
---------------
Addr Virtual
-------------------------------- --------------- ------ ------------


-------------------------------- ------------------ -------------------
tyler@isp1.com atm 5/1.1 01/11/28 12:52:57
ERX6#conf t
ERX6(config)#no log filters
ERX6(config)#log des con sev 3
ERX6(config)#vir vr2
Proceed with new virtual-router creation? [confirm]
ERX6:vr2(config)#exit
ERX6:vr2#ping 10.13.7.55
.....
ERX6:vr2#show ip route

------------------ ------- --------------- -------------- -----------------
---
ERX6:vr2#conf t
ERX6:vr2(config)#vir default
ERX6(config)#int atm 5/0.33
ERX6(config-subif)#atm pvc 33 0 33 aal5snap
ERX6(config-subif)#ip add 60.60.60.1 255.255.255.0
ERX6(config-subif)#vir vr2
ERX6:vr2(config)#int atm 5/1.33
ERX6:vr2(config-subif)#atm pvc 33 0 33 aal5snap
ERX6:vr2(config-subif)#ip add 60.60.60.2 255.255.255.0
ERX6:vr2(config-subif)#end
ERX6:vr2#show ip int br
Interface IP-Address Status Protocol Description
null0 255.255.255.255/32 up up
atm5/1.33 60.60.60.2/24 up up
ERX6:vr2#ping 60.60.60.2
!!!!!
ERX6:vr2#ping 60.60.60.1

!!!!!
ERX6:vr2#conf t
ERX6:vr2(config)#ip route 10.13.7.0 255.255.255.0 atm 5/1.33
ERX6:vr2#ping 10.13.7.55
!!!!!

------------------ ------- --------------- -------------- -----------------
---
10.13.7.0/24 Static 60.60.60.2 1/0 atm5/1.33
60.60.60.0/24 Connect 60.60.60.2 0/1 atm5/1.33
ERX6:vr2#conf t
ERX6:vr2(config)#int loop 1
ERX6:vr2(config-if)#ip add 172.16.2.1 255.255.255.0
ERX6:vr2(config-if)#exit
ERX6:vr2(config)#aaa domain isp2.com vr2 loopback 1
ERX6:vr2(config)#rad authen server 10.13.7.55
ERX6:vr2(config-radius)#udp 1645
ERX6:vr2(config-radius)#key training
ERX6:vr2(config-radius)#rad account server 10.13.7.55
ERX6:vr2(config-radius)#udp 1646
ERX6:vr2(config-radius)#key training
ERX6:vr2(config-radius)#exit
ERX6:vr2(config)#radius update 60.60.60.2
ERX6:vr2#test aaa paul@isp2.com paul
idle Timeout - 0
session Timeout - 0

IGMP - disabled
router context - vr2
local interface - 1
pausing 5 seconds before disconnecting test user, paul@isp2.com
ERX6:vr2#test aaa trish@isp2.com trish
idle Timeout - 0
session Timeout - 0
IGMP - disabled
router context - vr2
local interface - 1
pausing 5 seconds before disconnecting test user, trish@isp2.com
ERX6:vr2#conf t
ERX6:vr2(config)#cont t3 5/0
ERX6:vr2(config-controll)#shut
ERX6:vr2(config-controll)#cont t3 5/1
ERX6:vr2(config-controll)#shut
ERX6:vr2(config-controll)#exit
ERX6:vr2(config)#profile ip-only
ERX6:vr2(config-profile)#ip access-route
ERX6:vr2(config-profile)#exit
ERX6:vr2(config-subif)#encap ppp
ERX6:vr2(config-subif)#ppp auth chap
ERX6:vr2(config-subif)#profile ?
WORD The name of the profile
any The wildcard interface type
ip The IP interface type
ERX6:vr2(config-subif)#profile ip ip-only
ERX6:vr2(config-subif)#exit
ERX6:vr2(config-subif)#en ppp
ERX6:vr2(config-subif)#ppp auth chap
ERX6:vr2(config-subif)#profile ip ip-only
ERX6:vr2(config-subif)#cont t3 5/0
ERX6:vr2(config-controll)#no shut
ERX6:vr2(config-controll)#cont t3 5/1
ERX6:vr2(config-controll)#no shut
ERX6:vr2(config-controll)#end
ERX6:vr2#show subsc

Subscriber List
---------------
Addr Virtual
-------------------------------- --------------- ------ ------------
paul@isp2.com 172.16.2.4 radius vr2
trish@isp2.com 172.16.2.5 radius vr2

-------------------------------- ------------------ -------------------
paul@isp2.com atm 5/1.2 01/11/28 13:04:46
trish@isp2.com atm 5/1.3 01/11/28 13:04:46

------------------ ------- --------------- -------------- -----------------
---
10.13.7.0/24 Static 60.60.60.2 1/0 atm5/1.33
60.60.60.0/24 Connect 60.60.60.2 0/1 atm5/1.33
172.16.2.4/32 AccInte 0.0.0.0 2/1 atm5/1.2
rn
172.16.2.5/32 AccInte 0.0.0.0 2/1 atm5/1.3
rn
ERX6:vr2#vir default
ERX6#show subsc
Subscriber List
---------------
Addr Virtual
-------------------------------- --------------- ------ ------------
paul@isp2.com 172.16.2.4 radius vr2
trish@isp2.com 172.16.2.5 radius vr2

-------------------------------- ------------------ -------------------
tyler@isp1.com atm 5/1.1 01/11/28 13:04:46
paul@isp2.com atm 5/1.2 01/11/28 13:04:46
trish@isp2.com atm 5/1.3 01/11/28 13:04:46
ERX6#show ip route



------------------ ------- --------------- -------------- -----------------
---
10.13.7.0/24 Connect 10.13.7.16 0/1 fastEthernet0/0
60.60.60.0/24 Connect 60.60.60.1 0/1 atm5/0.33
192.168.1.5/32 AccInte 0.0.0.0 2/1 atm5/1.1
rn
ERX6#

Lab 3 PPP Over Atm v3.2

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lab 3 PPP Over Atm v3.2

Uploaded by

Copyright:

Available Formats

Lab 3

Configuring PPP over ATM

Rev 3.2 3-1

Logical Network Map

3-2 Rev 3.2 ERX B-RAS Configuration Basics

Physical Network Map – Tear this page out!

IP Addr - See Chart

For Training Purposes Only Rev 3.2 3-3

Logical Network Map – Tear this page out!

3-4 Rev 3.2 ERX B-RAS Configuration Basics

Physical Network Map

IP Addr - See Chart

For Training Purposes Only Rev 3.2 3-5

Initial ERX Configuration

Configuring the PPP over ATM Clients

3-6 Rev 3.2 ERX B-RAS Configuration Basics

Initial Default Router IP Configuration

1. Switch to the default virtual router.

2. Configure the Management Fast Ethernet port using the IP address

3. Configure a description for the Management Fast Ethernet such as

4. Test the IP interface using ping.

5. Verify that the RADIUS server is reachable using ping. Do not

6. Configure the default virtual router’s loopback interface using the IP

For Training Purposes Only Rev 3.2 3-7

Configuring isp1 for PPP over ATM

Initial B-RAS Configuration

1. Configure a B-RAS license using the key provided by the instructor.

3. Configure the RADIUS authentication server information for isp1 on

4. Configure the RADIUS accounting server information for isp1 on the

3-8 Rev 3.2 ERX B-RAS Configuration Basics

Configuring PPP over ATM

1. Configure the ATM interface on the UT3 or UE3 controller.

2. Configure the ATM subinterface for Tyler.

3. Configure the ATM PVC using aal5snap encapsulation for Tyler.

4. Configure the ATM subinterface for PPP encapsulation for Tyler.

5. Specify PPP CHAP authentication for Tyler.

6. Configure a static unnumbered IP interface, referencing Loopback 1.

7. Configure the IP interface to dynamically cache a host route in the IP

8. Exit configuration mode.

For Training Purposes Only Rev 3.2 3-9

Viewing the Default ERX Logging Configuration

♦ Severity level of the console: ___________________________________

♦ What is the default severity level for most categories? ____________

♦ What category has a different default severity level? _____________

♦ What is the severity level of pppPacket? ________________________

♦ Are there any filters listed for pppPacket? ______________________

♦ show log data: ______________________________________________

♦ show log data severity 1:____________________________________

♦ show log data severity 2:____________________________________

♦ show log data severity 3:____________________________________

♦ show log data severity 4:____________________________________

♦ show log data severity 5:____________________________________

♦ show log data severity 6:____________________________________

♦ Are any pppPacket events listed?_______________________________

♦ show log data category pppPacket severity 7: ______________

♦ Are any pppPacket events listed?_______________________________

3-10 Rev 3.2 ERX B-RAS Configuration Basics

Initial ERX Logging Configuartion

1. Enter configuration mode.

log severity debug pppPacket atm 5/1.1

3. Exit configuration mode.

♦ Severity level of the console: ___________________________________

♦ Severity level of pppPacket: ___________________________________