Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 2459 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VDSL/PPPoE keine Verbindung mit XG 17.5.10 und LANCOM R883VAW

JuergenB

Hallo,

ich versuche mit einer XG 17.5.10 (unter VMware) und einem LANCOM Router eine VDSL Verbindung herzustellen.
Der LANCOM läuft im Bridge Mode, die XG wird über ein NIC Interface mit ETH1 mit dem LANCOM verbunden und der LANCOM hängt am VDSL.

Der LANCOM als Router läuft am VDSL einwandfrei.

Jetzt soll der LANCOM als Modem eingesetzt werden.

Jedoch kommt keine Verbindung über PPPoE zustande, ich habe mehrfach den LANCOM konfiguriert und auch die XG konfiguriert.

Nach einigem hin und her habe ich Dank des LANCOM Forums zwei Traces gemacht, 1x vom Bridge Modem und 1x vom LAN Interface des LANCOM (hier hängt die XG).

Den Logs nach wird auf der Bridge und dem ETH1 des LANCOM ein PADI/PADO durchgeführt, aber die XG kommt mit den Daten nicht zurecht oder führt keine Einwahl durch.

Kann jemand die Logs einsehen, es scheint so, das Bridge Modem kommt mit einer PRIO 6 zurück, die XG sendet ein PRIO 0.

Beide verwendet auch das VDSL Tag 7.

Und bitte, keine Antworten der Art (Warum ein LANCOM, gibt billigere Lösungen oder Warum eine XG, der LANCOM hat doch schon alles).
Oder, warum nicht beim Hersteller nachfragen (Da bekommt man zeitnah keine Antwort, hatte da letztes Jahr Wartezeiten von 3-4 Wochen).
Ich will mit einer XG Erfahrungen sammeln UND auch mit LANCOM Routern ...

Gruß

Jürgen

[Ethernet] 2020/04/15 10:49:08,460
Received 60 byte Ethernet packet via LAN-1:
HW Switch Port      : ETH-1
-->IEEE 802.3 Header
Dest                : ff:ff:ff:ff:ff:ff (Broadcast)
Source              : 00:0c:29:c8:c2:7f (VMWare c8:c2:7f)
Type                : 802.1p/q VLAN
-->802.1p/q VLAN Header
VLAN Id             : 7
VLAN Prio           : 0
VLAN CFI            : 0
Type                : PPPoE Discovery
-->PPPoE Discovery Packet
Version             : 1
Type                : 1
Code                : Active Discovery Indication (PADI)
Session-ID          : 0
Payload Length      : 12
Service-Name        :
Host-Uniq           : c5 12 00 00             ....
Packet Trailer      : 00 00 00 00 00 00 00 00 ........
                      00 00 00 00 00 00 00 00 ........
                      00 00 00 00 00 00 00 00 ........

[Ethernet] 2020/04/15 10:49:08,571
Sent 66 byte Ethernet packet via LAN-1:
HW Switch Port      : ETH-1
-->IEEE 802.3 Header
Dest                : 00:0c:29:c8:c2:7f (VMWare c8:c2:7f)
Source              : 88:a2:5e:bb:1f:15
Type                : 802.1p/q VLAN
-->802.1p/q VLAN Header
VLAN Id             : 7
VLAN Prio           : 6
VLAN CFI            : 0
Type                : PPPoE Discovery
-->PPPoE Discovery Packet
Version             : 1
Type                : 1
Code                : Active Discovery Offer (PADO)
Session-ID          : 0
Payload Length      : 42
AC-Name             : WEZJ02
Host-Uniq           : c5 12 00 00             ....
Service-Name        :
AC-Cookie           : 62 c9 c8 1f b0 47 78 3c b....Gx<
                      e4 74 cb c4 b2 73 ae a6 .t...s..


This thread was automatically locked due to age.
  • 0

    Hi  

    Maybe this article will help - https://community.sophos.com/kb/en-us/123096#vdsl, Let me tag  and  may be they could help you further.

    Regards,

    Keyur
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

  • 0

    Perform a tcpdump on your WAN Port of XG, filter the PADO packets and try to find the reason in Wireshark. Should be easy there. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thanks,

    i have a second SG210 with 17.5.10 and a Zyxel Modem setup, this works fine.
    I verified the traces on the Zyxel Setup with the LANCOM traces.

    I used the same PPPoE Settings like the Zyxel setup.

    I will try to get some tcpdump with the LANCOM solution today.

  • 0 in reply to JuergenB

    Hello LuCar Toni,

    i got some tcpdumps from XG and LANCOM Router.

    For me it looks, like the XG is not answering the PADO pakets and keeps on asking with PADI?

    I tried your recommendations and read the link.

    Can you check the trace?

    Thanks in advance.

     

    SF01V_VM01_SFOS 17.5.10 MR-10# tcpdump -i PortB -nvvve
    tcpdump: WARNING: PortB: no IPv4 address assigned
    tcpdump:
    11:53:20.849492 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:20.866693 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB0 47783CE474CBC4B273AEA6]
    11:53:25.859340 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:25.876413 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB0 47783CE474CBC4B273AEA6]
    11:53:30.870883 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:30.946645 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB0 47783CE474CBC4B273AEA6]
    11:53:35.877987 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:35.903717 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB0 47783CE474CBC4B273AEA6]
    11:53:40.885839 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:40.904097 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB0 47783CE474CBC4B273AEA6]
    11:53:45.894121 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:45.910928 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB047783CE474CBC4B273AEA6]
    11:53:50.903560 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:50.924329 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB047783CE474CBC4B273AEA6]
    11:53:55.912440 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:53:55.929275 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB047783CE474CBC4B273AEA6]
    11:54:00.920135 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:54:00.937909 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB047783CE474CBC4B273AEA6]
    11:54:05.931488 PortB, OUT: 00:0c:29:c8:c2:7f > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 36: vlan 7, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq 0xFD1F0000]
    11:54:06.045545 PortB, IN: 88:a2:5e:bb:1f:15 > 00:0c:29:c8:c2:7f, ethertype PPPoE D (0x8863), length 62: PPPoE PADO [AC-Name "WEZJ02"] [Host-Uniq 0xFD1F0000] [Service-Name] [AC-Cookie 0x62C9C81FB047783CE474CBC4B273AEA6]

  • 0 in reply to Keyur

    Hi Keyur,

    thanks for your help.

    today i tried the LANCOM with my Hardware XG 17.5.10 in real world situation.

    The Firewall uses an Zyxel VMG1312 in Bridge Mode.
    I swapped the Zyxel vs. LANCOM (Bridge Mode Config).

    XG doesn´t connect to ISP, all i see in the LOG File is this message.

    PADO Packet timeout no response from server. Please verify service name & ISP link status on modem. Restarting session.

    It looks like Sophos doesn´t like LANCOM Routers and the way they communicate.

    Any idea?

  • 0 in reply to JuergenB

    Do you see in the network.log something ? 

    https://community.sophos.com/kb/en-us/132211

     

    Also check for the VLAN interface on XG: ifconfig 

    There should be already PortB and PortB.7 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thanks LuCar Toni,

    i did three tcpdump´s on several XG´s (Hardware+Zyxel), (VMWare+LANCOM), (Hardware+LANCOM).

    The Zyxel Modem add´s the VLAN 7 Tag in Hardware, so there is no VDSL VLAN 7 Tagging needed in XG 17.5.10.

    In VMWare and Hardware + LANCOM the XG add´s the VLAN 7 Tag for PPPoE.

    But ...

    LANCOM -> Hardware - (PADO)

    Frame 100: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
    Ethernet II, Src: JuniperN_bb:1f:15 (88:a2:5e:bb:1f:15), Dst: IntelCor_1c:e9:ad (a0:36:9f:1c:e9:ad)
    802.1Q Virtual LAN, PRI: 6, DEI: 0, ID: 7
    PPP-over-Ethernet Discovery

    LANCOM -> VMWare - (PADO)

    Frame 20: 62 bytes on wire (496 bits), 62 bytes captured (496 bits)
    Ethernet II, Src: JuniperN_bb:1f:15 (88:a2:5e:bb:1f:15), Dst: VMware_c8:c2:7f (00:0c:29:c8:c2:7f)
    PPP-over-Ethernet Discovery

    So VMWare Workstation removes the VLAN Tag ...

    maybe with ESX this will work or if i use vxnet3 instead of e1000 NIC..

    Thanks for all the input and help from the community.[8-|]

Unfiltered HTML