网络工程 - Cisco ISR L2TP VPN 本地与半径身份验证问题 - 吾爱随笔录

我目前有一个 cisco 1841 路由器，配置为针对 Windows NPS 服务器对用户进行身份验证。奇怪的是，当使用本地身份验证时，VPN 每次都是第一次连接。然后我将身份验证从本地移动到半径，但随后我无法登录到 VPN。

在查看 Windows NPS 服务器上的安全日志时，我可以清楚地看到路由器正在查询服务器并且服务器回复说登录有效但路由器从未完成使用半径的 VPN 登录。

如果我更改ppp authentication ms-chap-v2 remote-access，ppp authentication ms-chap-v2它将使用本地用户名并正常工作。

aaa new-model
!
aaa group server radius radius-servers
 server-private <ommitted ip> key 7 <ommitted secret>
!
aaa authentication login default local
aaa authentication ppp remote-access group radius-servers
!
vpdn enable
!
vpdn-group L2TP
 ! Default L2TP VPDN group
 accept-dialin
  protocol l2tp
  virtual-template 1
 lcp renegotiation always
 no l2tp tunnel authentication
!
!
 crypto isakmp policy 1
 encr aes 256
 authentication pre-share
 group 2
 lifetime 3600
crypto isakmp key <omitted secret> address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 3600
!
!
crypto ipsec transform-set remote-access-set esp-aes 256 esp-sha-hmac 
 mode transport
!
crypto dynamic-map remote-access-map 10
 set transform-set remote-access-set 
!
!
crypto map dynmap 65535 ipsec-isakmp dynamic remote-access-map 
!
interface Virtual-Template1
 ip unnumbered FastEthernet0/0.1
 peer default ip address pool remote-access-pool
 ppp mtu adaptive
 ppp authentication ms-chap-v2 remote-access

L2TP调试：

*Oct 12 06:49:23.270: L2TP       _____:________: I SCCRQ, flg TLS, ver 2, len 69
*Oct 12 06:49:23.270: L2TP       _____:________:  IETF v2:
*Oct 12 06:49:23.270: L2TP       _____:________:   Protocol Version  1, Revision 0
*Oct 12 06:49:23.274: L2TP       _____:________:   Framing Cap       both(0x3)
*Oct 12 06:49:23.274: L2TP       _____:________:   Hostname           "thanatos..."
*Oct 12 06:49:23.274: L2TP       _____:________:   Assigned Tunnel I 0x00000079 (121)
*Oct 12 06:49:23.274: L2TP       _____:________:   Rx Window Size    4
*Oct 12 06:49:23.274: L2TP       _____:________:  
*Oct 12 06:49:23.274: L2X  tnl   08023:________: Create logical tunnel
*Oct 12 06:49:23.274: L2TP tnl   08023:________: Create tunnel
*Oct 12 06:49:23.274: L2TP tnl   08023:________:     version set to V2
*Oct 12 06:49:23.274: L2TP tnl   08023:________:     remote ip set to <remote IP>
*Oct 12 06:49:23.274: L2TP tnl   08023:________:     local ip set to <external IP>
*Oct 12 06:49:23.274: L2TP tnl   08023:00007D8D: FSM-CC ev Rx-SCCRQ
*Oct 12 06:49:23.274: L2TP tnl   08023:00007D8D: FSM-CC    Idle->Proc-SCCRQ
*Oct 12 06:49:23.274: L2TP tnl   08023:00007D8D: FSM-CC do Rx-SCCRQ
*Oct 12 06:49:23.278: L2X        _____:________: Tunnel author started for thanatos
*Oct 12 06:49:23.282: L2X        _____:________: Tunnel author found
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D: Author reply, data source: "L2TP"
*Oct 12 06:49:23.282: L2X        _____:________: class [AAA author, group "L2TP"]
*Oct 12 06:49:23.282: L2X        _____:________:   created
*Oct 12 06:49:23.282: L2X        _____:________: class [AAA author, group "L2TP"]
*Oct 12 06:49:23.282: L2X        _____:________:   App locked 0->1
*Oct 12 06:49:23.282: L2X        _____:________: class [AAA author, group "L2TP"]
*Oct 12 06:49:23.282: L2X        _____:________:   Protocol locked 0->1
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D:     class name AAA author, group "L2TP"
*Oct 12 06:49:23.282: L2X        _____:________: class [AAA author, group "L2TP"]
*Oct 12 06:49:23.282: L2X        _____:________:   App unlocked 1->0
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D:     peer cap async set
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D:     peer cap sync set
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D: FSM-CC ev SCCRQ-OK
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D: FSM-CC    Proc-SCCRQ->Wt-SCCCN
*Oct 12 06:49:23.282: L2TP tnl   08023:00007D8D: FSM-CC do Tx-SCCRP
*Oct 12 06:49:23.282: L2X        _____:________: l2x_open_socket: is called
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D: Open sock <external IP>:1701-><remote IP>:52700
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D: FSM-CC ev Sock-Ready
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D: FSM-CC    in Wt-SCCCN
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D: FSM-CC do Ignore-Sock-Up
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D: O SCCRP to thanatos tnl 121
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:  IETF v2:
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:   Protocol Version  1, Revision 0
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:   Framing Cap       none(0x0)
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:   Firmware Ver      0x1130
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:   Hostname           "rtr1"
*Oct 12 06:49:23.286: L2TP tnl   08023:00007D8D:   Vendor Name       
*Oct 12 06:49:23.290: L2TP tnl   08023:00007D8D:      "Cisco Systems, Inc."
*Oct 12 06:49:23.290: L2TP tnl   08023:00007D8D:   Assigned Tunnel I 0x00007D8D (32141)
*Oct 12 06:49:23.290: L2TP tnl   08023:00007D8D:   Rx Window Size    1024
*Oct 12 06:49:23.290: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D: Drain unsentQ, cur/max resendQ sz 0/4, unsentQ 0
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D: I SCCCN, flg TLS, ver 2, len 20
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D: FSM-CC ev Rx-SCCCN
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D: FSM-CC    Wt-SCCCN->Proc-SCCCN
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D: FSM-CC do Rx-SCCCN
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D: O ZLB ACK to thanatos tnl 121
*Oct 12 06:49:23.342: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D: FSM-CC ev SCCCN-OK
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D: FSM-CC    Proc-SCCCN->established
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D: FSM-CC do Established
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D: Control channel up
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D:   <external IP><-><remote IP>
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D: I ICRQ, flg TLS, ver 2, len 38
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D:  IETF v2:
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D:   Assigned Call ID  0x00000E8B (3723)
*Oct 12 06:49:23.346: L2TP tnl   08023:00007D8D:   Serial Number     1
*Oct 12 06:49:23.350: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.350: L2X  _____:_____:________: Create logical session
*Oct 12 06:49:23.350: L2TP _____:_____:________: Create session
*Oct 12 06:49:23.350: L2TP _____:_____:________:   Using ICRQ FSM
*Oct 12 06:49:23.350: L2TP _____:_____:________: FSM-Sn ev created
*Oct 12 06:49:23.350: L2TP _____:_____:________: FSM-Sn    Init->Idle
*Oct 12 06:49:23.350: L2TP _____:_____:________: FSM-Sn do none
*Oct 12 06:49:23.350: L2TP _____:_____:________:     remote ip set to <remote IP>
*Oct 12 06:49:23.350: L2TP _____:_____:________:     local ip set to <external IP>
*Oct 12 06:49:23.350: L2TP tnl   08023:00007D8D: FSM-CC ev Session-Conn
*Oct 12 06:49:23.350: L2TP tnl   08023:00007D8D: FSM-CC    in established
*Oct 12 06:49:23.350: L2TP tnl   08023:00007D8D: FSM-CC do Session-Conn-Est
*Oct 12 06:49:23.350: L2TP tnl   08023:00007D8D:   Session count now 1
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: FSM-Sn ev CC-Up
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: FSM-Sn    in Idle
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: FSM-Sn do CC-Up-Ignore0-1
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: Session attached
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: FSM-Sn ev Rx-ICRQ
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: FSM-Sn    Idle->Proc-ICRQ
*Oct 12 06:49:23.350: L2TP _____:08023:00008D28: FSM-Sn do Rx-ICRQ
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28:   Chose application VPDN
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28:   App type set to VPDN
*Oct 12 06:49:23.354: L2TP tnl   08023:00007D8D:   VPDN Session count now 1
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28: VPDN: process AVPs
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28: Set HA epoch to 0
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28: Local AC is now UP
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28: Remote AC is now UP
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28:  
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28: APP<-L2TP: Incoming
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28:            sock 00000000
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28:            serv 00008022
*Oct 12 06:49:23.354: L2TP _____:08023:00008D28:  
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28: L2TUN: add sock 00001022
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28:  
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28: APP->L2TP: Accept [6],
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28:            sock 00001022
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28:            serv 00008022
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28:            data 68660C28[136]
*Oct 12 06:49:23.358: L2TP _____:08023:00008D28:            replied on new socket
*Oct 12 06:49:23.362: L2TP _____:08023:00008D28:  
*Oct 12 06:49:23.362: L2TP _____:08023:00008D28:   App type set to VPDN
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28:   UDP checksum ignore is enabled
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28:   Sequencing default tx disabled
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28:   Sequencing default rx disabled
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28:   Framing set to sync
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28:   Bearer set to none
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: no cookies enabled
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn ev ICRQ-OK
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn    Proc-ICRQ->Wt-Tx-ICRP
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn do Tx-ICRP-Local-Check
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn ev Local-Cont
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn    Wt-Tx-ICRP->Wt-Rx-ICCN
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn do Tx-ICRP
*Oct 12 06:49:23.362: L2X        _____:________: l2x_open_socket: is called
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: Open sock <external IP>:1701-><remote IP>:52700
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn ev Sock-Ready
*Oct 12 06:49:23.362: L2TP 00023:08023:00008D28: FSM-Sn    in Wt-Rx-ICCN
*Oct 12 06:49:23.366: L2TP 00023:08023:00008D28: FSM-Sn do Ignore-Sock-Up
*Oct 12 06:49:23.366: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.366: L2TP 00023:08023:00008D28: O ICRP to thanatos 121/3723
*Oct 12 06:49:23.366: L2TP 00023:08023:00008D28:  IETF v2:
*Oct 12 06:49:23.366: L2TP 00023:08023:00008D28:   Assigned Call ID  0x00008D28 (36136)
*Oct 12 06:49:23.366: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28: APP->L2TP: Setup dataplane [15],
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28:            data 684D0DCC[20]
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28:            replied on same socket
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28: FSM-Sn ev DP-Setup
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28: FSM-Sn    in Wt-Rx-ICCN
*Oct 12 06:49:23.370: L2TP 00023:08023:00008D28: FSM-Sn do Ignore-DP-Setup
*Oct 12 06:49:23.422: L2TP tnl   08023:00007D8D: Drain unsentQ, cur/max resendQ sz 0/4, unsentQ 0
*Oct 12 06:49:23.422: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:23.422: L2TP 00023:08023:00008D28: I ICCN, flg TLS, ver 2, len 40
*Oct 12 06:49:23.422: L2TP 00023:08023:00008D28:  IETF v2:
*Oct 12 06:49:23.422: L2TP 00023:08023:00008D28:   Framing Type      both(3)
*Oct 12 06:49:23.422: L2TP 00023:08023:00008D28:   Connect Speed     1000000
*Oct 12 06:49:23.422: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.422: L2TP 00023:08023:00008D28: O ZLB ACK to thanatos 121/3723
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28: FSM-Sn ev Rx-ICCN
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28: FSM-Sn    Wt-Rx-ICCN->Proc-ICCN
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28: FSM-Sn do Rx-ICCN
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28:   MTU is 65535
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28: Session data plane UP
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28: VPDN: process AVPs
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28: APP<-L2TP: Connected
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:23.426: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:23.430: L2TP 00023:08023:00008D28: FSM-Sn ev ICCN-OK
*Oct 12 06:49:23.430: L2TP 00023:08023:00008D28: FSM-Sn    Proc-ICCN->established
*Oct 12 06:49:23.430: L2TP 00023:08023:00008D28: FSM-Sn do Established
*Oct 12 06:49:23.430: L2TP 00023:08023:00008D28: Session up
*Oct 12 06:49:23.430: L2TP 00023:08023:00008D28:   <external IP><-><remote IP>
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28: APP->L2TP: Session updated [12],
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:            data 684874F8[98]
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:            replied on same socket
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:   App type set to VPDN
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:   Sequencing default tx disabled
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:   Sequencing default rx disabled
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:   Framing set to sync
*Oct 12 06:49:26.582: L2TP 00023:08023:00008D28:   Bearer set to none
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28: APP<-L2TP: Dataplane up
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28: FSM-Sn ev DP-Up
*Oct 12 06:49:26.586: L2TP 00023:08023:00008D28: FSM-Sn    in established
*Oct 12 06:49:26.590: L2TP 00023:08023:00008D28: FSM-Sn do Ignore-DP-UP
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28: APP->L2TP: Session updated [12],
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:            data 68488A7C[111]
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:            replied on same socket
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:   App type set to VPDN
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:   Sequencing default tx disabled
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:   Sequencing default rx disabled
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:   Framing set to sync
*Oct 12 06:49:26.594: L2TP 00023:08023:00008D28:   Bearer set to none
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28: APP->L2TP: Session updated [12],
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:            data 683515A8[66]
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:            replied on same socket
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:   App type set to VPDN
*Oct 12 06:49:26.598: L2TP 00023:08023:00008D28:   Sequencing default tx disabled
*Oct 12 06:49:26.602: L2TP 00023:08023:00008D28:   Sequencing default rx disabled
*Oct 12 06:49:26.602: L2TP 00023:08023:00008D28:   Framing set to sync
*Oct 12 06:49:26.602: L2TP 00023:08023:00008D28:   Bearer set to none
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28: APP->L2TP: local circuit status [21],
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28:            data 684C65C8[41]
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28:            replied on same socket
*Oct 12 06:49:26.654: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28: I CDN, flg TLS, ver 2, len 42
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:  IETF v2:
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:   Result Code       
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:     Reserved(768)
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:     Error code
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:       No error(0)
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:     Optional msg
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:        "<00><03><00><00>"
*Oct 12 06:49:26.682: L2TP 00023:08023:00008D28:   Assigned Call ID  0x00000E8B (3723)
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28: O ZLB ACK to thanatos 121/3723
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28: FSM-Sn ev Rx-CDN
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28: FSM-Sn    established->Idle
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28: FSM-Sn do Rx-CDN
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28: VPDN: process AVPs
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28: Shutting down session
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28:   Result Code
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28:     Reserved (0)
*Oct 12 06:49:26.686: L2TP 00023:08023:00008D28:   Error Code
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:     No error (0)
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:   Vendor Error
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:     None (0)
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: FSM-Sn ev Shut
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: FSM-Sn    Idle->Dead
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: FSM-Sn do Destroy
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: APP<-L2TP: Disconnect
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:            sock 00001022
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:            serv 00008022
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:  
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: Session down
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28:   <external IP><-><remote IP>
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: Destroying session
*Oct 12 06:49:26.690: L2TP 00023:08023:00008D28: Request teardown data plane
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: FSM-CC ev Session-Disc
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: FSM-CC    in established
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: FSM-CC do Session-Disc-Est
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D:   Session count now 0
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D:   VPDN Session count now 0
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: FSM-CC ev No-Users
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: FSM-CC    established->Est-No-User
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: FSM-CC do No-Users
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: No more cc users, shutdown (likely) in 10 secs
*Oct 12 06:49:26.694: L2TP 00023:_____:________: Session detached
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: StopCCN: skip authen, no nonce yet
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D: I StopCCN, flg TLS, ver 2, len 42
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D:  IETF v2:
*Oct 12 06:49:26.694: L2TP tnl   08023:00007D8D:   Result Code       
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:     No error(256)
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:     Error code
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:       No error(0)
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:     Optional msg
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:        "<00><03><00><00>"
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:   Assigned Tunnel I 0x00000079 (121)
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D: O ZLB ACK to thanatos tnl 121
*Oct 12 06:49:26.698: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC ev Rx-StopCCN
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC    in Est-No-User
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC do Rx-StopCCN
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: Shutting down tunnel
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:   Result Code
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:     No error
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:   Error Code
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:     No error
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:   Vendor Error
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:     None
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:  
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC ev Shut-Now
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC    Est-No-User->Wt-STOPACK
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC do Shutnow
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC ev Shut-Comp
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC    Wt-STOPACK->Dead
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: FSM-CC do Shutdown-Completed
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D: Control channel down
*Oct 12 06:49:26.702: L2TP tnl   08023:00007D8D:   <external IP><-><remote IP>
*Oct 12 06:49:26.706: L2TP tnl   08023:00007D8D: Destroying tunnel
*Oct 12 06:49:26.706: L2TP: Removing per-cc stats db entry, tun-id 32141
*Oct 12 06:49:26.706: L2X  tnl   08023:________: Destroying logical tunnel
*Oct 12 06:49:26.706: L2X        _____:________: class [AAA author, group "L2TP"]
*Oct 12 06:49:26.706: L2X        _____:________:   Protocol unlocked 1->0
*Oct 12 06:49:26.706: L2X        _____:________: class[AAA author, group "L2TP"]
*Oct 12 06:49:26.706: L2X        _____:________:   no more locks
*Oct 12 06:49:26.706: L2X        _____:________: class [AAA author, group "L2TP"]
*Oct 12 06:49:26.706: L2X        _____:________:   deleted
*Oct 12 06:49:26.714: L2X  00023:_____:________:  
*Oct 12 06:49:26.714: L2X  00023:_____:________: APP->L2TP: Destroy [11],
*Oct 12 06:49:26.714: L2X  00023:_____:________:            sock 00001022
*Oct 12 06:49:26.714: L2X  00023:_____:________:            serv 00008022
*Oct 12 06:49:26.714: L2X  00023:_____:________:            data 684889D4[277]
*Oct 12 06:49:26.714: L2X  00023:_____:________:            replied on same socket
*Oct 12 06:49:26.714: L2X  00023:_____:________:  
*Oct 12 06:49:26.714: L2X  00023:_____:________: L2TUN: remove sock 00001022
*Oct 12 06:49:26.714: L2X  00023:_____:________: Destroying logical session