PPPOE撥号上網實驗
實驗拓撲
PPPOE撥号上網實驗PPPOE撥号上網實驗實驗拓撲實驗描述:配置解析:測試配置腳本: 實驗描述:
企業出口裝置配置PPPOE,是的内網使用者可以通路外網。
配置規劃:
- PPPoE CLIENT路由器:
- ip 192.168.1.0/24為PC位址段,vlan是1,GE0/0/0接口是外網出口;
- 路由器ETH2/0/7為二層接口,綁定vlan1,下連PC;
- PPPOE SERVER路由器:
- 模拟營運商的PPPOE伺服器,配置認證使用者名和密碼,配置認證位址,同時在loopback接口上配置位址模拟外網(100.100.100.1);
配置思路:
PPPOE撥号上網實驗PPPOE撥号上網實驗實驗拓撲實驗描述:配置解析:測試配置腳本: 配置解析:
PPPOE SERVER:
PPPOE位址池
- 位址池名稱 PPPOE
- 配置網段
- 配置網關
- 配置DNS
#
ip pool PPPOE
gateway-list 221.16.1.254
network 221.16.1.0 mask 255.255.255.0
dns-list 221.16.1.1 114.114.114.114
#
虛模版
- 建立虛模闆序号為 0
- 配置PPP認證的認證模式為PAP
- 配置接口位址即網關位址
- 配置遠端認證用戶端的位址池
#
interface Virtual-Template0
ppp authentication-mode pap
remote address pool PPPOE
ip address 221.16.1.254 255.255.255.0
#
接口引用虛模闆
- 以太網接口引用模闆
#
interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 0
#
配置認證使用者名和密碼
- 建立使用者名為pppoetest
- 密碼為123456
- 使用者名支援的服務為ppp
#
aaa
local-user pppoetest password cipher 123456
local-user pppoetest service-type ppp
#
PPPOE CLIENT:
撥号規則
- 新增撥号規則1
#
dialer-rule
dialer-rule 1 ip permit
#
撥号接口
- 建立虛拟撥号口 dialer 0
- 配置撥号名稱 test_pppoe
- 建立撥号組 1
- 綁定撥号組 1
- 配置PPP認證賬戶和密碼
- 配置IP位址為鄰居協商
#
interface Dialer0
link-protocol ppp
ppp pap local-user pppoetest password simple 123456
ip address ppp-negotiate
dialer user test_pppoe
dialer bundle 1
dialer-group 1
#
在實體口綁定dialer口
- 配置pppoe用戶端撥号組 1
- 撥号模式為自動
#
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
#
預設路由配置
- 全局下,配置一條預設路由,且預設路由的下一跳接口為虛拟撥号接口 0
#
ip route-static 0.0.0.0 0.0.0.0 Dialer0
#
- 在虛拟接口下配置協商預設路由
#
interface Dialer0
ppp ipcp default-route
#
- 全局下配置預設路由或者撥号接口下配置協商預設路由二選一即可
NAT配置
- 建立位址轉換規則
#
acl name source_nat 2000
step 10
rule 10 permit source 192.168.1.0 0.0.0.255
#
- 到撥号接口下做Soure NAT
#
interface Dialer0
nat outbound 2000
#
調試指令
檢視撥号接口的狀态資訊
display interface Dialer 0
檢視撥号會話概要
display pppoe-client session summary
檢視路由表
clientdisplay ip routing-table
測試
PC ping 網段網關
PPPOE撥号上網實驗PPPOE撥号上網實驗實驗拓撲實驗描述:配置解析:測試配置腳本: PC ping 出口位址
PC ping 外網網關
PC ping 模拟外網位址
配置腳本:
PPPOE SERVER
[V200R003C00]
#
sysname PPPOE_SERVER
#
ip pool PPPOE
gateway-list 221.16.1.254
network 221.16.1.0 mask 255.255.255.0
dns-list 221.16.1.1 114.114.114.114
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
local-user pppoetest password cipher 123456
local-user pppoetest service-type ppp
#
interface Virtual-Template0
ppp authentication-mode pap
remote address pool PPPOE
ip address 221.16.1.254 255.255.255.0
#
interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 0
#
interface LoopBack1
ip address 100.100.100.100 255.255.255.255
#
return
PPPOE CLIENT
[V200R003C00]
#
sysname client
#
dhcp enable
#
acl name source_nat 2000
step 10
rule 10 permit source 192.168.1.0 0.0.0.255
#
ip pool PC
gateway-list 192.168.1.254
network 192.168.1.0 mask 255.255.255.0
#
nat address-group 0 192.168.1.1 192.168.1.253
#
interface Dialer0
link-protocol ppp
ppp ipcp default-route
ppp pap local-user pppoetest password simple 123456
ip address ppp-negotiate
dialer user test_pppoe
dialer bundle 1
dialer-group 1
nat outbound 2000
#
interface Vlanif1
ip address 192.168.1.254 255.255.255.0
dhcp select global
#
interface Ethernet2/0/7
#
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
#
dialer-rule
dialer-rule 1 ip permit
#
return
