#实验 2-3 配置 PPPoE 客户端
学习目标
掌握PPPoE客户端拨号接口的配置方法
掌握PPPoE客户端认证的配置方法
场景
企业在运营商开通了高速DSL服务用于支持广域网业务。R1和R3分别是企
业分支的边缘路由器,它们通过PPPoE服务器(R2)连接到运营商网络。您需要在企业的边缘路由器上进行PPPoE客户端的配置,让局域网中的主机可以通过PPPoE拨号访问外部资源。
操作步骤
步骤一. 实验环境准备
如果本任务中您使用的是空配置设备,需要从步骤1开始配置,然后跳过步
骤2。如果使用的设备包含上一个实验的配置,请直接从步骤2开始配置。
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
步骤二. 清除设备上原有的配置
关闭串行接口。
[R1]interface Serial 2/0/0
[R1-Serial2/0/0]shutdown
[R3]interface Serial 1/0/0
[R3-Serial1/0/0]shutdown
步骤三. 配置 PPPoE 服务器
虽然PPPoE服务器不在企业网络中,但是本实验中仍需配置PPPoE服务器,
以用于认证企业网络的边缘路由器R1和R3。
[R2]ip pool pool1
Info: It’s successful to create an IP address pool.
[R2-ip-pool-pool1]network 119.84.111.0 mask 255.255.255.0
[R2-ip-pool-pool1]gateway-list 119.84.111.254
[R2-ip-pool-pool1]quit
[R2]interface Virtual-Template 1
[R2-Virtual-Template1]ppp authentication-mode chap
[R2-Virtual-Template1]ip address 119.84.111.254 255.255.255.0
[R2-Virtual-Template1]remote address pool pool1
[R2-Virtual-Template1]quit
在R2的G0/0/0接口绑定虚拟模板。
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]pppoe-server bind virtual-template 1
[R2-GigabitEthernet0/0/0]quit
为PPPoE被认证方创建合法的账号和密码。
[R2]aaa
[R2-aaa]local-user huawei1 password cipher huawei123
Info: Add a new user.
[R2-aaa]local-user huawei1 service-type ppp
[R2-aaa]local-user huawei2 password cipher huawei123
Info: Add a new user.
[R2-aaa]local-user huawei2 service-type ppp
[R2-aaa]quit
步骤四. 配置 PPPoE 客户端
将R1配置为PPPoE客户端。需要在R1上创建拨号接口并开启PPP认证功能。
配置PPP被认证方的用户名和密码(必须跟PPPoE服务器上的一致)。
[R1]dialer-rule
[R1-dialer-rule]dialer-rule 1 ip permit
[R1-dialer-rule]quit
[R1]interface Dialer 1
[R1-Dialer1]dialer user user1
[R1-Dialer1]dialer-group 1
[R1-Dialer1]dialer bundle 1
[R1-Dialer1]ppp chap user huawei1
[R1-Dialer1]ppp chap password cipher huawei123
[R1-Dialer1]dialer timer idle 300
[R1-Dialer1]dialer queue-length 8
[R1-Dialer1]ip address ppp-negotiate
[R1-Dialer1]quit
将PPPoE拨号接口绑定到出接口。
[R1]interface GigabitEthernet 0/0/0
[R1-GigabitEthernet0/0/0]pppoe-client dial-bundle-number 1
[R1-GigabitEthernet0/0/0]quit
配置本端到PPPoE服务器的缺省静态路由。
[R1]ip route-static 0.0.0.0 0.0.0.0 Dialer 1
将R3配置为PPPoE客户端。配置步骤与R1一样。
[R3]dialer-rule
[R3-dialer-rule]dialer-rule 1 ip permit
[R3-dialer-rule]quit
[R3]interface Dialer 1
[R3-Dialer1]dialer user user2
[R3-Dialer1]dialer-group 1
[R3-Dialer1]dialer bundle 1
[R3-Dialer1]ppp chap user huawei2
[R3-Dialer1]ppp chap password cipher huawei123
[R3-Dialer1]dialer timer idle 300
[R3-Dialer1]dialer queue-length 8
[R3-Dialer1]ip address ppp-negotiate
[R3-Dialer1]quit
[R3]interface GigabitEthernet 0/0/0
[R3-GigabitEthernet0/0/0]pppoe-client dial-bundle-number 1
[R3-GigabitEthernet0/0/0]quit
[R3]ip route-static 0.0.0.0 0.0.0.0 Dialer 1
步骤五. 验证配置结果
执行display pppoe-server session all命令,查看PPPoE会话的状态和配
置信息。
display pppoe-server session all
从回显信息可以看出,会话状态正常。
查看R1和R3上的拨号接口的信息,并确认拨号接口能够从PPPoE服务器获
取IP地址。
display ip interface brief
配置文件
[R1]display current-configuration
[V200R007C00SPC600]
sysname R1
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % =i~>Xp&aY+*2cEVcS-A23Uwe% %
local-user admin service-type http
local-user huawei password cipher % % B:%I)Io0H8)[%SB[idM3C/!#% %
local-user huawei service-type ppp
interface Dialer1
link-protocol ppp
ppp chap user huawei1
ppp chap password cipher % % A8E~UjX}@;bhCL*C4w#<%"Ba% %
ip address ppp-negotiate
dialer user user1
dialer bundle 1
dialer queue-length 8
dialer timer idle 300
dialer-group 1
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
dialer-rule
dialer-rule 1 ip permit
ip route-static 0.0.0.0 0.0.0.0 Dialer1
user-interface con 0
authentication-mode password
set authentication password
cipher % % dD#}PK6tI}cc-;k_o
C.+L,% %
user-interface vty 0 4
return
[R2]display current-configuration
[V200R007C00SPC600]
sysname R2
ip pool pool1
gateway-list 119.84.111.254
network 119.84.111.0 mask 255.255.255.0
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % =i~>Xp&aY+*2cEVcS-A23Uwe% %
local-user admin service-type http
local-user huawei1 password cipher % % MjCY6,a82N4W`]F]3LMAKG9+% %
local-user huawei1 service-type ppp
local-user huawei2 password cipher % % Ctq55RX:]R,8Jc13{|,)KH!m% %
local-user huawei2 service-type ppp
interface Virtual-Template1
ppp authentication-mode chap
remote address pool pool1
ip address 119.84.111.254 255.255.255.0
interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 1
user-interface con 0
authentication-mode password
set authentication password
cipher % % |nRPL^hr2IXi7LHDID!/,.%.8%h;3:,hXO2dk#ikaWI.(,% %
user-interface vty 0 4
return
[R3]display current-configuration
[V200R007C00SPC600]
sysname R3
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher % % =i~>Xp&aY+2cEVcS-A23Uwe% %
local-user admin service-type http
local-user huawei password cipher % % fZsyUk1=O=>:L4’ytgR~DIm% %
local-user huawei service-type ppp
interface Dialer1
link-protocol ppp
ppp chap user huawei2
ppp chap password cipher %$% 0 f 8 ( ; ] 1 N S : q ; S P o 8 T y P 0f8(;^]1NS:q;SPo8TyP%.Ei% 0f8(;]1NS:q;SPo8TyP%$
ip address ppp-negotiate
dialer user user2
dialer bundle 1
dialer queue-length 8
dialer timer idle 300
dialer-group 1
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
dialer-rule
dialer-rule 1 ip permit
ip route-static 0.0.0.0 0.0.0.0 Dialer1
user-interface con 0
authentication-mode password
set authentication password
cipher % % W|KaTeX parse error: Expected 'EOF', got '}' at position 5: )M5D}̲v@bY^gK\;>QR,.*…%$
user-interface vty 0 4
return