Router PPPOE
PPPOE-SERVER Configuration:
Basic configuration:
interface Loopback0
ip address 172.16.100.1 255.255.255.0
创建本地用户名:
username cisco password 0 cisco
配置VPDN:虚拟私有拨号网络(Virtual Private Dialup Networks)
vpdn enable
vpdn-group 1
accept-dialin
protocol pppoe
virtual-template 1
pppoe limit per-mac 10
!
bba-group pppoe global
virtual-template 1
sessions per-mac limit 10
定义地址池:
ip local pool pool1 123.231.1.1 123.231.1.10
定义Virtual-Template:
interface Virtual-Template1
mtu 1492
ip unnumbered Loopback0
peer default ip address pool pool1
ppp authentication chap
在物理口上激活PPPOE:
interface Ethernet0
no ip address
pppoe enable
PPPOE-Client Configuration:
Basic configuration:
interface Loopback0
ip address 10.92.1.182 255.255.255.0
配置VPDN:
vpdn enable
vpdn-group pppoe
request-dialin
protocol pppoe
定义dialer接口:
interface Dialer1
ip address negotiated
ip mtu 1492
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname cisco
ppp chap password 0 cisco
interface Ethernet0/0
pppoe-client dial-pool-number 1
在物理口上激活PPPOE:
interface Ethernet0/0
pppoe enable
作PAT:
access-list 1 permit 10.92.1.0 0.0.0.255
ip nat inside source list 1 interface Dialer1 overload
interface Dialer1
ip nat outside
interface Loopback0
ip nat inside
作默认路由:
ip route 0.0.0.0 0.0.0.0 Dialer1
PIX PPPOE
topology
PPPOE-SERVER Configuration:
Basic configuration:
interface Loopback0
ip address 172.16.100.1 255.255.255.0
创建本地用户名:
username cisco password 0 cisco
配置VPDN:
vpdn enable
vpdn-group 1
accept-dialin
protocol pppoe
virtual-template 1
定义地址池:
ip local pool pool1 123.231.1.1 123.231.1.10
定义Virtual-Template:
interface Virtual-Template1
mtu 1492
ip unnumbered Loopback0
peer default ip address pool pool1
ppp authentication pap
在物理口上激活PPPOE:
interface Ethernet0
no ip address
pppoe enable
PIX Configuration:(client)
配置VPDN:
vpdn group my-pppoe-group request dialout pppoe
vpdn group my-pppoe-group localname cisco
vpdn group my-pppoe-group ppp authentication pap
vpdn username cisco password cisco
配置接口:
ip address outside pppoe setroute
ip address inside 144.1.1.254 255.255.255.0
interface ethernet0 auto
interface ethernet1 auto
作PAT:
nat (inside) 1 144.1.1.0 255.255.255.0
glob (outside) 1 interface
作访问控制列表(测试用):
Access-list out permit icmp any any
Access-group out in interface outside
因篇幅问题不能全部显示,请点此查看更多更全内容