PPPOE拨号上网实验
实验拓扑
实验描述:
企业出口设备配置PPPOE,是的内网用户可以访问外网。
配置规划:
- PPPoE CLIENT路由器:
- ip 192.168.1.0/24为PC地址段,vlan是1,GE0/0/0接口是外网出口;
- 路由器ETH2/0/7为二层接口,绑定vlan1,下连PC;
- PPPOE SERVER路由器:
- 模拟运营商的PPPOE服务器,配置认证用户名和密码,配置认证地址,同时在loopback接口上配置地址模拟外网(100.100.100.1);
配置思路:
配置解析:
PPPOE SERVER:
PPPOE地址池
- 地址池名称 PPPOE
- 配置网段
- 配置网关
- 配置DNS
#
ip pool PPPOE
gateway-list 221.16.1.254
network 221.16.1.0 mask 255.255.255.0
dns-list 221.16.1.1 114.114.114.114
#
虚模版
- 创建虚模板序号为 0
- 配置PPP认证的认证模式为PAP
- 配置接口地址即网关地址
- 配置远程认证客户端的地址池
#
interface Virtual-Template0
ppp authentication-mode pap
remote address pool PPPOE
ip address 221.16.1.254 255.255.255.0
#
接口引用虚模板
- 以太网接口引用模板
#
interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 0
#
配置认证用户名和密码
- 创建用户名为pppoetest
- 密码为123456
- 用户名支持的服务为ppp
#
aaa
local-user pppoetest password cipher 123456
local-user pppoetest service-type ppp
#
PPPOE CLIENT:
拨号规则
- 新增拨号规则1
#
dialer-rule
dialer-rule 1 ip permit
#
拨号接口
- 创建虚拟拨号口 dialer 0
- 配置拨号名称 test_pppoe
- 创建拨号组 1
- 绑定拨号组 1
- 配置PPP认证账户和密码
- 配置IP地址为邻居协商
#
interface Dialer0
link-protocol ppp
ppp pap local-user pppoetest password simple 123456
ip address ppp-negotiate
dialer user test_pppoe
dialer bundle 1
dialer-group 1
#
在物理口绑定dialer口
- 配置pppoe客户端拨号组 1
- 拨号模式为自动
#
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
#
默认路由配置
-
全局下,配置一条默认路由,且默认路由的下一跳接口为虚拟拨号接口 0
# ip route-static 0.0.0.0 0.0.0.0 Dialer0 # -
在虚拟接口下配置协商默认路由
# interface Dialer0 ppp ipcp default-route # -
全局下配置默认路由或者拨号接口下配置协商默认路由二选一即可
NAT配置
-
创建地址转换规则
# acl name source_nat 2000 step 10 rule 10 permit source 192.168.1.0 0.0.0.255 # -
到拨号接口下做Soure NAT
# interface Dialer0 nat outbound 2000 #
调试命令
查看拨号接口的状态信息
display interface Dialer 0
查看拨号会话概要
display pppoe-client session summary
查看路由表
clientdisplay ip routing-table
测试
PC ping 网段网关
PC ping 出口地址
PC ping 外网网关
PC ping 模拟外网地址
配置脚本:
PPPOE SERVER
[V200R003C00]
#
sysname PPPOE_SERVER
#
ip pool PPPOE
gateway-list 221.16.1.254
network 221.16.1.0 mask 255.255.255.0
dns-list 221.16.1.1 114.114.114.114
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user pppoetest password cipher 123456
local-user pppoetest service-type ppp
#
interface Virtual-Template0
ppp authentication-mode pap
remote address pool PPPOE
ip address 221.16.1.254 255.255.255.0
#
interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 0
#
interface LoopBack1
ip address 100.100.100.100 255.255.255.255
#
return
PPPOE CLIENT
[V200R003C00]
#
sysname client
#
dhcp enable
#
acl name source_nat 2000
step 10
rule 10 permit source 192.168.1.0 0.0.0.255
#
ip pool PC
gateway-list 192.168.1.254
network 192.168.1.0 mask 255.255.255.0
#
nat address-group 0 192.168.1.1 192.168.1.253
#
interface Dialer0
link-protocol ppp
ppp ipcp default-route
ppp pap local-user pppoetest password simple 123456
ip address ppp-negotiate
dialer user test_pppoe
dialer bundle 1
dialer-group 1
nat outbound 2000
#
interface Vlanif1
ip address 192.168.1.254 255.255.255.0
dhcp select global
#
interface Ethernet2/0/7
#
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
#
dialer-rule
dialer-rule 1 ip permit
#
return