1、网络拓扑图

PPPOE上网_bundle

2、核心配置

2.1服务器

1)创建虚拟模版

int Virtual-Template 1 //0-1023个虚拟模版

2)创建dhcp

ip pool dhcpclient

network 10.1.1.0 mask 255.255.255.0

gateway-list 10.1.1.1 

dns-list 114.114.114.114

exclude-ip 10.1.1.10 10.1.1.100

least day 10 hour 8 minute 30

3)创建客户

local-user yhs password cipher yhs654321

local-user yhs privilege level 15

local-user yhs service-type telnet terminal ssh ftp ppp http sslvpn

4)配置virtual-template

int virtual-template 1

ip add 10.1.1.1 24

remote address pool dhcpclient

5)物理口调用

pppoe-server bind Virtual-Template 1

2.2 客户端

1)创建dialer

int dialer 1 //0-127 (dialer interface number)

2)认证模式

 ppp chap user yhs

ppp chap password cipher yhs654321

3)ip address 协商产生

ip address ppp-negotiate

4)命令用来指定Dialer接口使用的Dialer bundle。设备通过Dialer bundle将物理接口与拨号接口关联起来。

dialer bundle 1 //取值范围1-255

5)dialer user 的用途

使能共享DCC,并设置对端的用户名(一般配置为和用户名一致)

设置拨号使用的用户名,用于服务端进行验证,能够接收此PPoE请求,然后对其回应

当一个Dialer接口下配置多个dialer user时,就实现了用一个Dialer接口同时接入多个拨号接口的连接

6)dialer-rule 11 ip permit                 

 拨号访问组11允许所有IP协议报文通过接口 dialer-rule 11 ip permit                  拨号访问组11允许所有IP协议报文通过接口 

 dialer-group 11                       设置拨号访问组(与拨号控制列表结合起来) 

7)nat地址转换

acl number 2000

rule 5 permit source any

int dialer 1

nat outbound 2000

8)默认路由

ip outer-static 0.0.0.0 0 dialer 1

3、详细配置

r1:

[r1]display current-configuration  

[V200R003C00]

#

sysname r1

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

acl number 2000  

rule 5 permit  

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface Dialer1

link-protocol ppp

ppp chap user yhs

ppp chap password cipher %$%$Op48)"..qT|L.,TB$^<>,#'C%$%$

ip address ppp-negotiate

dialer user yhs

dialer bundle 1

nat outbound 2000

#

interface GigabitEthernet0/0/0

ip address 192.168.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/1

pppoe-client dial-bundle-number 1  

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

ip route-static 0.0.0.0 0.0.0.0 Dialer1

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

[r1]

r2:

[r2]display current-configuration  

[V200R003C00]

#

sysname r2

#

snmp-agent local-engineid 800007DB03000000000000

snmp-agent  

#

clock timezone China-Standard-Time minus 08:00:00

#

portal local-server load portalpage.zip

#

drop illegal-mac alarm

#

set cpu-usage threshold 80 restore 75

#

ip pool dhcpclient

gateway-list 123.1.1.1  

network 123.1.1.0 mask 255.255.255.0  

excluded-ip-address 123.1.1.2 123.1.1.10  

lease day 10 hour 0 minute 0  

dns-list 8.8.8.8  

#

aaa  

authentication-scheme default

authorization-scheme default

accounting-scheme default

domain default  

domain default_admin  

local-user yhs password cipher %$%$HaIPH0ZES7-5"zErk\HC9~^`%$%$

local-user yhs privilege level 15

local-user yhs service-type telnet terminal ssh ftp ppp http sslvpn

local-user admin password cipher %$%$K8m.Nt84DZ}e#<0`8bmE3Uw}%$%$

local-user admin service-type http

#

firewall zone Local

priority 15

#

interface Virtual-Template1

ppp authentication-mode chap  

remote address pool dhcpclient

ip address 123.1.1.1 255.255.255.0  

#

interface GigabitEthernet0/0/0

pppoe-server bind Virtual-Template 1

#

interface GigabitEthernet0/0/1

ip address 100.1.1.2 255.255.255.0  

#

interface GigabitEthernet0/0/2

#

interface NULL0

#

user-interface con 0

authentication-mode password

idle-timeout 0 0

user-interface vty 0 4

user-interface vty 16 20

#

wlan ac

#

return

[r2]