Search This Blog

Saturday, November 17, 2012

PPPoE




This is  the network setup:


R1 acts as PPPoE server while R2 is the client.
 
Basic Configuration using DHCP pool:

R1 [Server]:
Vpdn enable
!
bba-group pppoe GRP1
 virtual-template 1
!
username R2 password 0 cisco
!
ip dhcp pool LAN
   network 10.0.0.0 255.255.255.0
   default-router 10.0.0.1
!
interface Virtual-Template1
 ip address 10.0.0.1 255.255.255.0
 ppp authentication chap
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable group GRP1

R2 [Client]:
Vpdn enable
!
username R1 password 0 cisco
!
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Dialer1
 ip address dhcp
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap


Basic Configuration using IP local pool:

R1 [Server]:
Vpdn enable
!
bba-group pppoe GRP1
 virtual-template 1
!
username R2 password 0 cisco
!
ip local pool DIAL-POOL 10.0.0.100 10.0.0.150
!
interface Virtual-Template1
 ip address 10.0.0.1 255.255.255.0
 peer default ip address pool DIAL-POOL
 ppp authentication chap
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable group GRP1

R2 [Client]:
Vpdn enable
!
username R1 password 0 cisco
!
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap

Note that R2 is assigned with /32 ip address from R1 using ip local pool command, also unlike using DHCP pool we can’t assign default-router or any other settings (beside DNS which can be configured with ppp ipcp command) to R2 and we will need to configure static default route toward dialer 1.

R2#show interfaces dialer 1
Dialer1 is up, line protocol is up (spoofing)
  Hardware is Unknown
  Internet address is 10.0.0.100/32
  MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, loopback not set
  Keepalive set (10 sec)
  DTR is pulsed for 1 seconds on reset
  Interface is bound to Vi2
  Last input never, output never,

Basic Configuration using IP local pool and CHAP authentication two-way:

R1 [Server]:
Vpdn enable
!
bba-group pppoe GRP1
 virtual-template 1
!
username R2 password 0 cisco
!
ip local pool DIAL-POOL 10.0.0.100 10.0.0.150
!
interface Virtual-Template1
 ip address 10.0.0.1 255.255.255.0
 peer default ip address pool DIAL-POOL
 ppp authentication chap
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable group GRP1

R2 [Client]:
Vpdn enable
!
Username R1 password cisco
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap


Basic Configuration using IP local pool and CHAP authentication one-way:

R1 [Server]:
Vpdn enable
!
bba-group pppoe GRP1
 virtual-template 1
!
username R2 password 0 cisco
!
ip local pool DIAL-POOL 10.0.0.100 10.0.0.150
!
interface Virtual-Template1
 ip address 10.0.0.1 255.255.255.0
 peer default ip address pool DIAL-POOL
 ppp authentication chap
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable group GRP1

R2 [Client]:
Vpdn enable
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap username R2
 ppp chap password cisco

Basic Configuration using IP local pool and CHAP authentication one-way using AAA:

R1 [Server]:
Vpdn enable
!
bba-group pppoe GRP1
 virtual-template 1
!
username R2 password 0 cisco
!
aaa new-model
aaa authentication ppp default local
!
ip local pool DIAL-POOL 10.0.0.100 10.0.0.150
!
interface Virtual-Template1
 ip address 10.0.0.1 255.255.255.0
 peer default ip address pool DIAL-POOL
 ppp authentication chap
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable group GRP1

R2 [Client]:
Vpdn enable
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Dialer1
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap username R2
 ppp chap password cisco

Using AAA has many benefits which I will not describe here in this post but I will mention it allows us to use RADIUS or TACACS server for authenticating users and account their start and stop times.
R1#show aaa user all
--------------------------------------------------
Unique id 9 is currently in use.
Accounting:
  log=0x20C241
  Events recorded :
    CALL START
    ATTR REPLACE
    NET UP
    IPCP_PASS
    INTERIM START
    VPDN NET UP
<OUTPUT OMITTED>
  StartTime = 00:32:12 UTC Mar 1 2002
  AuthenTime = 00:32:12 UTC Mar 1 2002
  Component = PPoE
Authen: service=PPP type=CHAP method=LOCAL
Kerb: No data available
Meth: No data available
Preauth: No Preauth data.
General:
  Unique Id = 00000009
  Session Id = 00000001
  Attribute List:
    64FC1404 0 00000001 port-type(161) 4 PPP over Ethernet
    64FC1418 0 00000009 interface(157) 7 0/0/0/0
PerU: No data available
Service Profile: No Service Profile data.

 

No comments:

Post a Comment