vMX

 View Only
last person joined: 28 days ago 

Ask questions and share experiences about vMX.

How to create static subscribers to test L2TPv3 session between 2 vMX?

  • 1.  How to create static subscribers to test L2TPv3 session between 2 vMX?

    Posted 08-13-2021 10:38

    Hi All, 

    Am trying to create a simple L2TPv3 test setup with 2 vMX. I have configured(hopefully) the necessary L2TPv3 configurations between the vMXs but when I try to test it using "test services l2tp tunnel ..." it fails with subscriber authentication. "show subscribers" does not show anything. How do I configure static subscribers to test mt L2TPv3 sessions? I assume just to verify the L2TPv3 controlplane I don't need traffic from subscribers (i.e the above test command). 

    Here's my relevant configurations. Please let me know what is missing.

    root# show system services static-subscribers
    access-profile {
    test-user;
    }
    dynamic-profile {
    junos-default-profile;
    }
    authentication {
    password "$9$69vD/u1SyK8xdev4aGUHkuOB"; ## SECRET-DATA
    username-include {
    user-prefix test;
    }
    }
    group test {
    interface demux0.1;
    }

    root# show interfaces demux0
    unit 1 {
    demux-options {
    underlying-interface ge-0/0/1.1;
    }
    family inet {
    demux-source {
    192.168.1.2/30;
    17.0.0.2/24;
    }
    address 192.168.1.1/30;
    address 17.0.0.1/24;
    }
    }

    [edit]
    root# show interfaces ge-0/0/1
    flexible-vlan-tagging;
    unit 1 {
    demux-source inet;
    vlan-tags outer 10 inner 110;
    family inet {
    unnumbered-address lo0.0;
    }
    }

    [edit]
    root# show interfaces lo0
    unit 0 {
    family inet {
    address 3.3.3.1/24;
    }
    }

    root# show access
    profile test-user {
    accounting-order radius;
    authentication-order radius;
    radius {
    authentication-server 10.10.10.90;
    accounting-server 10.10.10.90;
    options {
    client-authentication-algorithm round-robin;
    client-accounting-algorithm round-robin;
    juniper-dsl-attributes;
    }
    }
    radius-server {
    10.10.10.90 {
    port 1812;
    accounting-port 1813;
    secret "$9$L0JXVYJZjqPQDiCt0OREVws"; ## SECRET-DATA
    source-address 10.10.10.91;
    }
    }
    accounting {
    order radius;
    }
    }


    Thank you,

    regards,
    Ram



    ------------------------------
    Ramkumar Ganapathysubramanian
    ------------------------------