- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
- COVID-19 Response Center
interesting PPPoE Problem
- LIVEcommunity
- Collaboration
- Discussions
- General Topics
- Re: interesting PPPoE Problem
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
08-13-2013 02:30 AM
Hi guys,
i am currently tasked to replace two firewalls we have in the company. The first is a small cisco ASA 5505 for client breakout and a MS TMG(yeah i hate,too) for publishing the Servers.
For the first step I am trying to replace the ASA. WAN connection is established via ADSL and PPPoE. The session is build just fine, traffic is allowed via accessrules and nat'ed correctly, but I just don't can't ping 8.8.8.8 or get any other traffic responses.
Something I've noticed so far is that our ASA always gets an IP from the 84.x.x.x - 86.x.x.x public ip range. The PA received ip like 188.110.x.x or 92.75.x.x. After the PA established the PPPoE Session i checked if it received the default route via CLI and it was there, NAT is source NAT+PAT of course. All interfaces are added in the virtual router and the correct access list has been hit, so i am quite clueless why it is so difficult to get the wan connection working. The other frustrating point is that i have very limited time windows for testing.
I'm grateful for ideas to solve this issue
Here are some screens from the log.
.
- Labels:
-
Configuration
-
Networking
-
Troubleshooting
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
08-14-2013 11:39 PM
better talk with isp seems to be wrong password
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
08-15-2013 09:11 AM
Hi Vertical,
Like panos said you might want to talk to ISP. From the logs it seems like the pppoe connection is not being setup and everything is being dropped. Once the password and user name is confirmed than we will be able to move forward. Also in the mean time if you think you can not verify password with ISP then seutp a connection on laptop and see if the existing password and connection works. If it works then there might be something wrong with the firewall and you might need to open a support case. But make sure you validate the user name and password by setting up it on a laptop.
Hope this helps narrow down the issue.
Thanks
Numan
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
08-19-2013 11:53 PM
Hi Guys,
i talked with the ISP and had them reset the password. This was the root cause as it now works as expected.
- S2S VPN 2 VRs not working in General Topics
- Cisco ASA PA ipsec issue in General Topics
- Unusual Issues in Hosted ESXI Environment in General Topics
- Cortex XDR 7.1.1 reported as OLD defs after update from 7.0.1. in Cortex XDR Discussions
- PA-820 Threat License attack passed in Threat & Vulnerability Discussions
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
