Category:Cisco Systems -> Routing and Switching
Basic PPPoE client configuration:
// In global configuratin mode.
interface dialer 1
ip address negotiated
encapsulation ppp
dialer pool 1
ip mtu 1492
ip nat outside
ppp authentication chap callin
ppp chap hostname YOURUSERNAME
ppp chap password YOURPASS
ppp ipcp dns request
interface fastethernet 4
pppoe enable
pppoe-client dial-pool-number 1
interface vlan 1
ip address 192.168.1.254 255.255.255.0
ip nat inside
no shutdown
ip access-list extended NAT_TRAFFIC
permit ip 192.168.1.0 0.0.0.255 any
ip nat inside source list NAT_TRAFFIC interface dialer 1 overload
ip route 0.0.0.0 0.0.0.0 interface dialer 1
Basic PPPoE server configuration without RADIUS
It’s a draft, only a draft, but it’s working. There has to be a lot of tweaks to it if you want it to work properly. For me this configuration was a pass-through 5 min detour on the way to the RADIUS authentication so I didn’t bother with details in this one. If you wish to make it better, register at the website and you will have the privilege to edit this article.
Draft code:
user test password test
bba-group pppoe PPPoE
virtual-template 1
sessions per-mac limit 1
sessions auto cleanup
interface Virtual-Template1
mtu 1492
ip unnumbered FastEthernet0/0
peer default ip address pool pppoepool
ppp authentication chap
interface FastEthernet0/1
pppoe enable group PPPoE
no cdp enable
int FastEthernet0/0
ip address 192.168.1.77 255.255.255.0
ip local pool pppoepool 10.10.10.1 10.10.10.200
*Oct 21 06:58:18.319: PPPoE 0: I PADI R:001f.d08d.df60 L:ffff.ffff.ffff Fa0/1
FF FF FF FF FF FF 00 1F D0 8D DF 60 88 63 11 09
00 00 00 10 01 01 00 00 01 03 00 08 01 00 00 00 ...
*Oct 21 06:58:18.319: Service tag: NULL Tag
*Oct 21 06:58:18.319: PPPoE 0: O PADO, R:0019.aa85.5bbf L:001f.d08d.df60 Fa0/1
*Oct 21 06:58:18.319: Service tag: NULL Tag
00 1F D0 8D DF 60 00 19 AA 85 5B BF 88 63 11 07
00 00 00 2E 01 01 00 00 01 03 00 08 01 00 00 00 ...
*Oct 21 06:58:18.319: PPPoE 0: I PADR R:001f.d08d.df60 L:0019.aa85.5bbf Fa0/1
00 19 AA 85 5B BF 00 1F D0 8D DF 60 88 63 11 19
00 00 00 24 01 01 00 00 01 03 00 08 01 00 00 00 ...
*Oct 21 06:58:18.323: Service tag: NULL Tag
*Oct 21 06:58:18.327: PPPoE : encap string prepared
*Oct 21 06:58:18.335: [1]PPPoE 1: Access IE handle allocated
*Oct 21 06:58:18.339: [1]PPPoE 1: pppoe SSS switch updated
*Oct 21 06:58:18.339: [1]PPPoE 1: AAA unique ID allocated
*Oct 21 06:58:18.343: [1]PPPoE 1: No AAA accounting method list
*Oct 21 06:58:18.343: [1]PPPoE 1: Service request sent to SSS
*Oct 21 06:58:18.343: [1]PPPoE 1: Created, Service: None R:0019.aa85.5bbf L:001f.d08d.df60 Fa0/1
*Oct 21 06:58:18.351: [1]PPPoE 1: State NAS_PORT_POLICY_INQUIRY Event SSS_LOCAL
*Oct 21 06:58:18.351: [1]PPPoE 1: O PADS R:001f.d08d.df60 L:0019.aa85.5bbf Fa0/1
00 1F D0 8D DF 60 00 19 AA 85 5B BF 88 63 11 65
00 01 00 24 01 01 00 00 01 03 00 08 01 00 00 00 ...
*Oct 21 06:58:18.351: [1]PPPoE 1: State PPP_START Event DYN_BIND
*Oct 21 06:58:18.351: [1]PPPoE 1: data path set to PPP
*Oct 21 06:58:18.375: [1]PPPoE 1: State LCP_NEGOTIATION Event PPP_LOCAL
*Oct 21 06:58:18.379: PPPoE 1/SB: Sent vtemplate request on base Vi1
*Oct 21 06:58:18.379: [1]PPPoE 1: State VACCESS_REQUESTED Event VA_RESP
*Oct 21 06:58:18.379: [1]PPPoE 1: Vi1.1 interface obtained
*Oct 21 06:58:18.379: [1]PPPoE 1: State PTA_BINDING Event STAT_BIND
*Oct 21 06:58:18.379: [1]PPPoE 1: data path set to Virtual Acess
// Method 2
user test password test
bba-group pppoe PPPoE
virtual-template 1
sessions per-mac limit 1
sessions auto cleanup
interface Virtual-Template1
mtu 1492
ip address 192.168.1.77 255.255.255.0
peer default ip address pool pppoepool
ppp authentication chap
interface FastEthernet0/1
pppoe enable group PPPoE
no cdp enable
ip local pool pppoepool 10.10.10.1 10.10.10.200
// There probably have to be the following lines as well, but I don't remember:
aaa new-model
!
aaa authentication ppp default local
aaa authorization network default local
// Remember to use privilege levels before creating user accounts!
// You can use Loopback address as the ip unnumbered!
// You can make more PPPoE profiles.
// I didn't try it without ip unnumbered, try if you can. Theoretically it should work.