1、网络拓扑图
2、配置明细
2.1 pppoe-server
1)创建虚拟模板
interface virtual-template 1
2)创建dhcp pool
ip pool client
network 10.1.1.0 mask 255.255.255.0
gateway-list 10.1.1.1
dns-list 8.8.8.8
lease day 10 hour 8 minute 30
3)配置virtual-template
interface virtual-template 1
ip address 10.1.1.1 24
remote address pool client //远程获取地址的方式
4)aaa认证
aaa
local-user yhs password cipher hua123456
local-user yhs service-type ppp ssh
local-user yhs privilege level 15
5)virtual-template 绑定认证方式
interface virtual-template 1
ppp authentication-mode chap //chap和pap
6)物理接口和virtual-template绑定
pppoe-server bind Virtual-Template 1
2.2 pppoe-client
1)创建拨号上网
interface dialer 1
2)连接绑定用户
dialer user yhs //yhs为远程用户名
3)认证chap
PPP chap user yhs
ppp chap password cipher hua123456
4)dialer-rule
dialer-rule
dialer-rule 1 ip permit
5)绑定策略
dialer-group 1
6)绑定bundle
dialer bundle 1
7)nat
acl number 2000
rule 5 permit source 10.1.1.0 0.0.0.255
rule 10 deny source any
interface dialer 1
nat outbound 2000
8)物理接口与绑定dialer 1
interface g0/0/0
pppoe-client dial-bundle-number 1
9)默认路由
ip route-static 0.0.0.0 0 dialer 1
3、具体配置
3.1 R1
[r1]display current-configuration
[V200R003C00]
#
sysname r1
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
dhcp enable
#
ip pool client
gateway-list 100.1.1.1
network 100.1.1.0 mask 255.255.255.0
lease day 100 hour 0 minute 0
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user yhs password cipher %$%$[Gm1DneCgRtx@a$|Cg.Xe^3p%$%$
local-user yhs privilege level 15
local-user yhs service-type ssh ppp http
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface Virtual-Template1
ppp authentication-mode chap
remote address pool client
ip address 100.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 1
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
[r1]
3.2 R2
[r2]display current-configuration
[V200R003C00]
#
sysname r2
#
snmp-agent local-engineid 800007DB03000000000000
snmp-agent
#
clock timezone China-Standard-Time minus 08:00:00
#
portal local-server load portalpage.zip
#
drop illegal-mac alarm
#
set cpu-usage threshold 80 restore 75
#
acl number 2000
rule 5 permit source 10.1.1.0 0.0.0.255
rule 10 deny
#
aaa
authentication-scheme default
authorization-scheme default
accounting-scheme default
domain default
domain default_admin
local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$
local-user admin service-type http
#
firewall zone Local
priority 15
#
interface Dialer1
link-protocol ppp
ppp chap user yhs
ppp chap password cipher %$%$u9v%~{1o6DkcSP!($@#>,"wD%$%$
ip address ppp-negotiate
dialer user yhs
dialer bundle 1
dialer-group 1
nat outbound 2000
#
interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
#
interface GigabitEthernet0/0/1
ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/2
#
interface NULL0
#
dialer-rule
dialer-rule 1 ip permit
#
ip route-static 0.0.0.0 0.0.0.0 Dialer1
#
user-interface con 0
authentication-mode password
idle-timeout 0 0
user-interface vty 0 4
user-interface vty 16 20
#
wlan ac
#
return
[r2]
4、结果
