[AusNOG] Draytek 130 blank username/passwords

Craig Askings craig at askings.com.au
Tue Jun 22 20:30:59 EST 2021


I don’t know what platform you are using to terminate your ppp sessions, but Juniper supports a lockout function. I’d be surprised if similar tricks can be done on a Cisco or Mikrotik. 

https://www.juniper.net/documentation/us/en/software/junos/subscriber-mgmt-vlan/topics/concept/subscriber-management-pppoe-lockout-time.html

> On 22 Jun 2021, at 1:34 pm, Benjamin Ricardo <ben.ricardo at acs.com.au> wrote:
> 
> 
> Hi All,
> Looking for some shared experience here.
> We’ve had a complaint from our NBN wholesaler that our Draytek’s, which are configured in PPPoE passthrough, are sending blank authentications to their Radius server at a rate which is impacting their services.
> Our standard deployment since about 2010 has been to deploy an xDSL type modem in PPPoE passthrough and then use a router to send the authentication. Interestingly we’ve never had this complaint before…
> Our work around was that our wholesaler requires the credentials to be sent on a vlan so instead of using the Draytek to handle the vlan-ing we changed the router to insert the vlan (so the Draytek can be as noisy as it likes and it doesn’t affect them)
>  
> I’m wondering if others have also had this experience with these devices… and what you did about it?
> Also, surely if the stupid Draytek is in pppoe passthrough it should know not to try to authenticate itself???
>  
> Cheers,
> Ben
>  
>  
>  
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20210622/cf645d08/attachment.html>


More information about the AusNOG mailing list