PPPoE Client-Server setup and configuration

Document

Nov 26, 2009 8:16 AM
Nov 26th, 2009

This is an example of configuring PPPoE in a back-to-back scenario. The objective here is to simulate a PPPoE server (typically found on the ISP end)

Client--Fa0/0----------------------------------------Fa0/0--Server

In this example, we're using 2 routers connected back-to-back on their Fa0/0 ports. Here're the parameters being simulated

1. Authentication using Chap/Pap (Username: cisco, password: sisco)

2. Client being authenticated by the server (one way authentication)

3. IP address being negotiated using IPCP

Here's the relevant configuration needed on the client router

interface FastEthernet0/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip virtual-reassembly

ip tcp adjust-mss 1452

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface Dialer1

ip address negotiated

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap chap callin

ppp pap sent-username cisco password sisco

ppp chap hostname cisco

ppp chap password sisco

!

ip route 0.0.0.0 0.0.0.0 Dialer1

Here's the relevant configuration needed on the Server

username cisco password sisco

!

bba-group pppoe global

virtual-template 1

!

interface FastEthernet0/0

ip address 10.252.102.49 255.255.255.240

ip rip advertise 4

load-interval 30

duplex auto

speed auto

pppoe enable group global

!

interface Virtual-Template1

mtu 1492

ip unnumbered FastEthernet0/0

peer default ip address pool pppoepool

ppp authentication pap chap

!

ip local pool pppoepool 10.10.10.1 10.10.10.200

!

Here's how the flow will be

1. Client negotiates PPPoE using PADo, PADi and PADr with the server, both client and server move into PPP-->LCP phase

2. Client/Server negotiate authentication, other parameters

3. Server asks the client for a username/password (using pap, as pap is configured before chap)

4. Client sends out a username/password configured in it's dialer

5. Server authenticates this username/password against its global username/password list (alternatively a AAA/Radius server)

6. Client and Server both move on to IPCP phase

7. Client sends an ip address of 0.0.0.0 (asking for an ip address from the Server)

8. Server hands out an IP address from its pool (in this case pppoepool)

9. Client/Server finish IPCP phase and the link comes up

At this time, the link should be up and able to pass traffic

Average Rating: 5 (3 ratings)

Comments

ovidiu.serbu Wed, 04/13/2011 - 14:29

WTB some debug commands for the 1 - 9 stages

but it's a nice article, even old, still should work, gonna try it for sure, cause i need to play with pppoe a bit .

skapadi Fri, 05/18/2012 - 07:16

Hi,

What is best pratice for configuring ip address in server interface, physical interface or virtual-template.

Is it documented anywhere?

Thanks.

darrinmcland Wed, 02/26/2014 - 07:28

Thanks, worked fine, I did add NAT and DHCP

be sure to use the "IP NAT OUTSIDE" on the dialer 1 interface, and overload statement on the NAT command

Cheers

DRM

Actions

Login or Register to take actions

This Document

Posted November 26, 2009 at 8:16 AM
Stats:
Comments:5 Avg. Rating:5
Views:41750 Contributors:5
Shares:0

Related Content

Documents Leaderboard