(华为)路由器PPPoE_Client、PPPoE_Server、Nat_Easy 配置
SW1:
<SW1>display current-configuration # sysname SW1 # vlan batch 3 5 10 # cluster enable ntdp enable ndp enable # drop illegal-mac alarm # diffserv domain default # drop-profile default # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password simple admin local-user admin service-type http # interface Vlanif1 # interface Vlanif3 ip address 172.16.3.254 255.255.255.0 # interface Vlanif5 ip address 172.16.5.254 255.255.255.0 # interface Vlanif10 ip address 172.16.10.254 255.255.255.0 # interface MEth0/0/1 # interface Ethernet0/0/1 port link-type access port default vlan 3 # interface Ethernet0/0/2 port link-type access port default vlan 5 # interface Ethernet0/0/3 # interface Ethernet0/0/4 # interface Ethernet0/0/5 # interface Ethernet0/0/6 # interface Ethernet0/0/7 # interface Ethernet0/0/8 # interface Ethernet0/0/9 # interface Ethernet0/0/10 # interface Ethernet0/0/11 # interface Ethernet0/0/12 # interface Ethernet0/0/13 # interface Ethernet0/0/14 # interface Ethernet0/0/15 # interface Ethernet0/0/16 # interface Ethernet0/0/17 # interface Ethernet0/0/18 # interface Ethernet0/0/19 # interface Ethernet0/0/20 # interface Ethernet0/0/21 # interface Ethernet0/0/22 # interface GigabitEthernet0/0/1 port link-type access port default vlan 10 # interface GigabitEthernet0/0/2 # interface NULL0 # ip route-static 0.0.0.0 0.0.0.0 172.16.10.253 # user-interface con 0 user-interface vty 0 4 # return
R1(PPPoE_Client):
<R1>display current-configuration [V200R003C00] # sysname R1 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load portalpage.zip # drop illegal-mac alarm # set cpu-usage threshold 80 restore 75 # acl number 2001 rule 1 permit source 172.16.0.0 0.0.255.255 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$ local-user admin service-type http # firewall zone Local priority 15 # interface Dialer1 link-protocol ppp ppp pap local-user admin password cipher %$%$ocCDBTU]TXvAJe2qJ]{Q,.%3%$%$ ip address ppp-negotiate dialer user admin dialer bundle 1 dialer-group 1 nat outbound 2001 # interface GigabitEthernet0/0/0 pppoe-client dial-bundle-number 1 on-demand # interface GigabitEthernet0/0/1 ip address 172.16.10.253 255.255.255.0 # interface GigabitEthernet0/0/2 # interface NULL0 # dialer-rule dialer-rule 1 ip permit # ip route-static 0.0.0.0 0.0.0.0 Dialer1 ip route-static 172.16.0.0 255.255.0.0 172.16.10.254
interface g0/0/1
ip add 172.16.10.253 24
ip route-static 172.16.0.0 16 172.16.10.254
dialer-rule
dialer-rule 1 ip permit //设置拨号规则来发起PPPoE会话的条件(使用IP协议)
quit
interface dialer 1 //创建并进入Dialer接口
dialer user admin //配置对端用户名,这个用户名必须与对端服务器上的PPP用户名相同。
dialer-group 1 //将该接口放置于一个拨号访问组中。
dialer bundle 1 //指定Dialer接口使用的Dialer bundle。设备通过Dialer bundle将物理接口与拨号接口关联起来。
ppp pap local-user chinaitwang password cipher chinaitwang //配置用户名密码
ip add ppp-negotiate //IP地址协商获得。
link-protocol ppp //一般默认为该协议,不需要配置。
interface g0/0/0
pppoe-client dial-bundle-number 1 on-demand
quit
ip route-static 0.0.0.0 0.0.0.0 dialer 1 //用来实现Dialer Bundle和物理接口的绑定,用来指定PPPoE会话对应的Dialer Bundle,其中number是与PPPoE会话相对应的Dialer Bundle编号。On-demand表示PPPoE会话工作在按需拨号模式。
R2(PPPoE_Server):
<R2>display current-configuration [V200R003C00] # sysname R2 # snmp-agent local-engineid 800007DB03000000000000 snmp-agent # clock timezone China-Standard-Time minus 08:00:00 # portal local-server load portalpage.zip # drop illegal-mac alarm # set cpu-usage threshold 80 restore 75 # ip pool 1 network 1.1.1.0 mask 255.255.255.0 # aaa authentication-scheme default authorization-scheme default accounting-scheme default domain default domain default_admin local-user admin password cipher %$%$xzC~K2#m6M-%xWFR$U\Kf)*#%$%$ local-user admin service-type ppp # firewall zone Local priority 15 # interface Virtual-Template1 ppp authentication-mode pap remote address pool 1 ip address 1.1.1.1 255.255.255.0 # interface GigabitEthernet0/0/0 pppoe-server bind Virtual-Template 1 # interface GigabitEthernet0/0/1 # interface GigabitEthernet0/0/2 # interface NULL0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.0 # user-interface con 0 authentication-mode password user-interface vty 0 4 user-interface vty 16 20 # wlan ac # return <R2>
interface loopback 0
ip add 2.2.2.2 24
interface virtual-template 1 //建立虚拟模板接口1
ppp authentication-mode pap //配置ppp验证类型为pap
ip add 1.1.1.1 255.255.255.0
remote address pool 1 //对端地址为地址池1里面的
interface g0/0/0
pppoe-server bind virtual-template 1 //该接口绑定到虚拟模板接口1
aaa //配置aaa用户名密码
local-user admin password cipher admin
quit
ip pool 1 //配置地址池
network 1.1.1.0 mask 255.255.255.0