学习啦 > 学习电脑 > 网络知识 > 路由器 > 路由器设置 > cisco思科 > cisco PIX上配置PPPOE Client与PPPOE SERVER通信

cisco PIX上配置PPPOE Client与PPPOE SERVER通信

时间: 权威724 分享

学习啦在线学习网cisco PIX上配置PPPOE Client与PPPOE SERVER通信

  思科cisco依靠自身的技术和对网络经济模式的深刻理解,使其成为了网络应用的成功实践者之一,那么你知道cisco PIX上配置PPPOE Client与PPPOE SERVER通信吗?下面是学习啦小编整理的一些关于cisco PIX上配置PPPOE Client与PPPOE SERVER通信的相关资料,供你参考。

学习啦在线学习网   cisco PIX上配置PPPOE Client与PPPOE SERVER通信:

  拓扑图

  1,说明

学习啦在线学习网   ü Cisco 1721来模拟PPPOE SERVER

学习啦在线学习网   üPIX501来模拟PPPOE Client

  2,实验过程

  配置CISCO 1721为PPPOE SERVER

学习啦在线学习网   //首先底层配置,这没什么说的,大家已经非常熟悉了~~

学习啦在线学习网   Router(config)#no ip domain-lookup

学习啦在线学习网   Router(config)#line console 0

  Router(config-line)#exec-timeout 0 0

  Router(config-line)#logg syn

  Router(config-line)#host PPPOE_SERVER

  PPPOE_SERVER(config)#int e0/0

  PPPOE_SERVER(config-if)#ip add 192.168.0.1 255.255.255.0

  PPPOE_SERVER(config-if)#no sh

  PPPOE_SERVER(config-if)#pppoe enable //接口下开启PPPOE 会话功能

  PPPOE_SERVER(config-if)#exit

  PPPOE_SERVER(config)#vpdn enable //全局开启VPDN服务

  PPPOE_SERVER(config)#vpdn-group PPPOE //创建VPDN拨号组,此处我设置的名称为PPPOE,注意这里创建的组名要和PIX上启用的VPDN组名要一致,不然pppoe session会话失败

学习啦在线学习网   PPPOE_SERVER(config-vpdn)#accept-dialin //接受拨号请求

  PPPOE_SER(config-vpdn-acc-in)#protocol pppoe //指定会话协议为pppoe

学习啦在线学习网   PPPOE_SER(config-vpdn-acc-in)#virtual-template 1 //创建虚模板 1,表示第几个虚模板,创建虚模板之后,会立即看见Virtual-Access1, changed state to up

  PPPOE_SER(config-vpdn-acc-in)#end

学习啦在线学习网   *Mar 1 00:06:27.707: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

学习啦在线学习网   *Mar 1 00:06:28.707: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up

学习啦在线学习网   PPPOE_SERVER#conf t

  Enter configuration commands, one per line. End with CNTL/Z.

学习啦在线学习网   PPPOE_SERVER(config)#int virtual-template 1 //进入虚模板1

学习啦在线学习网   PPPOE_SERVER(config-if)#ip unnumbered e0/0 //此处不要给虚模板配置IP地址,建议使用ip unnumbered 向物理接口E0/0借用,因为E0/0接口为outside接口,已开启pppoe enable

  PPPOE_SERVER(config-if)#ppp authentication pap //指定ppp认证方式为pap,采用认证方式为PAP,认证过程会话用户名和密码为明文,你可以采用chap

  PPPOE_SERVER(config-if)#peer default ip address pool ADSL //指定地址池的名称为ADSL,可以随意指定名称,但要和下面的地址池名称一致

  PPPOE_SERVER(config-if)#exit

  PPPOE_SERVER(config)#ip local pool ADSL 200.0.0.1 200.0.0.10 //指定地址池的地址范围,这个地址范围必须是连续的

  PPPOE_SERVER(config)#username wangwanli password wangwanli //指定pppoe拨号的用户名和密码

  PPPOE_SERVER(config)#end

学习啦在线学习网   到此PPPOE_SERVER上配置已全部完成

  PIX上进行配置

  pixfirewall> enable

  Password:

  pixfirewall#

学习啦在线学习网   pixfirewall# conf t

  pixfirewall(config)# vpdn group PPPOE request dialout pppoe //指定vpdn会话名称PPPOE,这个名称与pppoe server上的VPDN组名是一致的

学习啦在线学习网   pixfirewall(config)# vpdn group PPPOE localname wangwanli //指定vpdn本地用户名

学习啦在线学习网   pixfirewall(config)# vpdn ?

  configure mode commands/options:

  group Keyword to specify a group name

  username Keyword to configure username

学习啦在线学习网   pixfirewall(config)# vpdn group PPPOE ppp authentication pap //指定ppp认证方式为pap,与pppoe server认证方式一致

  pixfirewall(config)# vpdn username wangwanli password wangwanli //指定拨号的用户名和密码

  pixfirewall(config)# int e1

  pixfirewall(config-if)# no sh //激活接口

学习啦在线学习网   pixfirewall(config-if)# nameif outside //定义接口为outside,默认的安全级别为0

学习啦在线学习网   INFO: Security level for "outside" set to 0 by default.

  pixfirewall(config-if)# ip address pppoe setroute //从pppoe 服务器获得IP地址

学习啦在线学习网   pixfirewall(config-if)# end

学习啦在线学习网   到此PIX上的配置已经完成,如下是调试现象

  pixfirewall# debug ppp auth //打开ppp 认证调试

  pixfirewall# debug pppoe event //打开pppoe 拨号事件请求

  debug pppoe event enabled at level 1

学习啦在线学习网   pixfirewall# show ip address outside ?

学习啦在线学习网   dhcp Show DHCP lease information

  pppoe Show PPPoE interface information

  | Output modifiers

  pixfirewall# show ip address outside pppoe

  //PIX上完成拨号之后,查看得到的IP地址

学习啦在线学习网   PPPoE Assigned IP addr: 200.0.0.1 255.255.255.255 on Interface: outside

  Remote IP addr: 192.168.0.1

学习啦在线学习网   pixfirewall# show route

学习啦在线学习网   Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

  D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

学习啦在线学习网   N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

学习啦在线学习网   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

  i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

  * - candidate default, U - per-user static route, o - ODR

  P - periodic downloaded static route

学习啦在线学习网   Gateway of last resort is 192.168.0.1 to network 0.0.0.0

  S* 0.0.0.0 0.0.0.0 [1/0] via 192.168.0.1, outside

学习啦在线学习网   //查看路由表自动生成一条缺省路由

学习啦在线学习网   pixfirewall# show interface ip brief

  Interface IP-Address OK? Method Status Protocol

  Ethernet0 unassigned YES unset administratively down up

  Ethernet1 200.0.0.1 YES manual up up

学习啦在线学习网   Ethernet2 unassigned YES unset up up

  Ethernet3 unassigned YES unset administratively down up

学习啦在线学习网   pixfirewall# ping 192.168.0.1

  Type escape sequence to abort.

学习啦在线学习网   Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:

  !!!!!

  Success rate is 100 percent (5/5), round-trip min/avg/max = 10/20/50 ms

学习啦在线学习网   //通过ping测试PIX与PPPOE SERVER是可以正常通信的

学习啦在线学习网   pixfirewall# sh ip

  //PIX上接口IP地址信息

  System IP Addresses:

  Interface Name IP address Subnet mask Method

  Ethernet1 outside 200.0.0.1 255.255.255.255 manual

学习啦在线学习网   Current IP Addresses:

  Interface Name IP address Subnet mask Method

  Ethernet1 outside 200.0.0.1 255.255.255.255 manua

学习啦在线学习网   PPPOE_SERVER#show pppoe session all //查看pppoe session 所有会话详细信息

学习啦在线学习网   Total PPPoE sessions 1

  PPPoE Session Information

  session id: 1

  local MAC address: cc9f.0788.0000, remote MAC address: 00aa.0001.0102

  virtual access interface: Vi1.1, outgoing interface: Et0/0

学习啦在线学习网   117 packets sent, 117 received

  1915 bytes sent, 1934 received

学习啦在线学习网   现在我把PIX上的E1接口重新关闭之后,再打开,再来观察一下PIX上的pppoe 的会话过程与PPPOE SERVER上的看到的pppoe 会话的四个过程,PADI---PADO-PADR-PADS 四个过程

  pixfirewall# conf t

  pixfirewall(config)# int e1

  pixfirewall(config-if)# sh

  PPPoE: Shutting down client session

学习啦在线学习网   PPPoE: padi timer expired

  PPPoE: padi timer expired

学习啦在线学习网   pixfirewall(config-if)# no sh

  pixfirewall# PPPoE: send_padi:(Snd) Dest:ffff.ffff.ffff Src:00aa.0001.0102 Type:0x8863=PPPoE-Discovery

  //开始发送广播,寻找PPPOE SERVER

学习啦在线学习网   PPPoE: Ver:1 Type:1 Code:09=PADI Sess:0 Len:12

  PPPoE: Type:0101:SVCNAME-Service Name Len:0

学习啦在线学习网   PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

  PPPoE: 00000001

学习啦在线学习网   PPPoE: PPPoE:(Rcv) Dest:00aa.0001.0102 Src:cc9f.09e4.0000 Type:0x8863=PPPoE-Discovery

  PPPoE: Ver:1 Type:1 Code:07=PADO Sess:0 Len:48

学习啦在线学习网   PPPoE: Type:0101:SVCNAME-Service Name Len:0

学习啦在线学习网   PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

学习啦在线学习网   PPPoE: 00000001

  PPPoE: Type:0102:ACNAME-AC Name Len:12

  PPPoE: PPPOE_Server

  PPPoE: Type:0104:ACCOOKIE-AC Cookie Len:16

  PPPoE: 9682A160

  PPPoE: 3EDB1E03

  PPPoE: DDDF8016

学习啦在线学习网   PPPoE: 2E032E1C

  PPPoE:

学习啦在线学习网   PPPoE: PADO

  PPPoE: send_padr:(Snd) Dest:cc9f.09e4.0000 Src:00aa.0001.0102 Type:0x8863=PPPoE-Discovery

学习啦在线学习网   PPPoE: Ver:1 Type:1 Code:19=PADR Sess:0 Len:48

学习啦在线学习网   PPPoE: Type:0101:SVCNAME-Service Name Len:0

  PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

  PPPoE: 00000001

  PPPoE: Type:0102:ACNAME-AC Name Len:12

学习啦在线学习网   PPPoE: PPPOE_Server

  PPPoE: Type:0104:ACCOOKIE-AC Cookie Len:16

  PPPoE: 9682A160

学习啦在线学习网   PPPoE: 3EDB1E03

学习啦在线学习网   PPPoE: DDDF8016

学习啦在线学习网   PPPoE: 2E032E1C

  PPPoE:

  PPPoE: PPPoE:(Rcv) Dest:00aa.0001.0102 Src:cc9f.09e4.0000 Type:0x8863=PPPoE-Discovery

学习啦在线学习网   PPPoE: Ver:1 Type:1 Code:65=PADS Sess:3 Len:48

  PPPoE: Type:0101:SVCNAME-Service Name Len:0

  PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

  PPPoE: 00000001

学习啦在线学习网   PPPoE: Type:0102:ACNAME-AC Name Len:12

  PPPoE: PPPOE_Server

学习啦在线学习网   PPPoE: Type:0104:ACCOOKIE-AC Cookie Len:16

  PPPoE: 9682A160

  PPPoE: 3EDB1E03

  PPPoE: DDDF8016

  PPPoE: 2E032E1C

  PPPoE:

学习啦在线学习网   PPPoE: PADS

学习啦在线学习网   PPPoE: IN PADS from PPPoE tunnel

  PPPoE: Opening PPP link and starting negotiations.

  到这里PIX上的pppoe 会话已经结束,已经得到从PPPOE SERVER上分配的地址

学习啦在线学习网   PPPOE SERVER上开启debug之后,收到PIX上的PPPOE 会话请求

  PPPOE_SERVER#

学习啦在线学习网   *Mar 1 00:34:17.583: PPPoE 0: I PADI R:00aa.0001.0102 L:ffff.ffff.ffff Et0/0

学习啦在线学习网   *Mar 1 00:34:17.583: PPPoE 0: O PADO, R:00aa.0001.0102 L:cc9f.0788.0000 Et0/0

  *Mar 1 00:34:17.639: PPPoE 0: I PADR R:00aa.0001.0102 L:cc9f.0788.0000 Et0/0

  *Mar 1 00:34:17.639: PPPoE : encap string prepared

  *Mar 1 00:34:17.639: [2]PPPoE 2: Access IE handle allocated

学习啦在线学习网   *Mar 1 00:34:17.639: [2]PPPoE 2: pppoe SSS switch updated

学习啦在线学习网   *Mar 1 00:34:17.639: [2]PPPoE 2: AAA unique ID allocated

  *Mar 1 00:34:17.643: [2]PPPoE 2: No AAA accounting method list

  *Mar 1 00:34:17.643: [2]PPPoE 2: Service request sent to SSS

学习啦在线学习网   *Mar 1 00:34:17.643: [2]PPPoE 2: Created R:cc9f.0788.0000 L:00aa.0001.0102 Et0/0

  *Mar 1 00:34:17.647: [2]PPPoE 2: State REQ_NASPORT Event MORE_KEYS

  *Mar 1 00:34:17.647: [2]PPPoE 2: O PADS R:00aa.0001.0102 L:cc9f.0788.0000 Et0/0

  *Mar 1 00:34:17.651: ppp2 PPP: Using default call direction

  *Mar 1 00:34:17.651: ppp2 PPP: Treating connection as a dedicated line

学习啦在线学习网   *Mar 1 00:34:17.651: ppp2 PPP: Session handle[73000003] Session id[2]

  *Mar 1 00:34:17.651: ppp2 PPP: Authorization required

  *Mar 1 00:34:17.655: [2]PPPoE 2: State START_PPP Event DYN_BIND

  *Mar 1 00:34:17.655: [2]PPPoE 2: data path set to PPP

学习啦在线学习网   PPPOE_SERVER#

  *Mar 1 00:34:20.679: ppp2 PAP: I AUTH-REQ id 1 len 24 from "wangwanli"

学习啦在线学习网   *Mar 1 00:34:20.679: ppp2 PAP: Authenticating peer wangwanli

  *Mar 1 00:34:20.687: ppp2 PPP: Sent PAP LOGIN Request

学习啦在线学习网   *Mar 1 00:34:20.687: ppp2 PPP: Received LOGIN Response PASS

  *Mar 1 00:34:20.691: [2]PPPoE 2: State LCP_NEGO Event PPP_LOCAL

学习啦在线学习网   *Mar 1 00:34:20.691: PPPoE 2/SB: Sent vtemplate request on base Vi1

  *Mar 1 00:34:20.699: [2]PPPoE 2: State CREATE_VA Event VA_RESP

学习啦在线学习网   *Mar 1 00:34:20.699: [2]PPPoE 2: Vi1.1 interface obtained

  *Mar 1 00:34:20.699: [2]PPPoE 2: State PTA_BIND Event STAT_BIND

  *Mar 1 00:34:20.699: [2]PPPoE 2: data path set to Virtual Acess

  PPPOE_SERVER#

  *Mar 1 00:34:20.703: [2]PPPoE 2: Connected PTA

学习啦在线学习网   *Mar 1 00:34:20.707: Vi1.1 PPP: Sent LCP AUTHOR Request

  *Mar 1 00:34:20.707: Vi1.1 PPP: Sent IPCP AUTHOR Request

学习啦在线学习网   *Mar 1 00:34:20.711: Vi1.1 LCP: Received AAA AUTHOR Response PASS

  *Mar 1 00:34:20.711: Vi1.1 IPCP: Received AAA AUTHOR Response PASS

学习啦在线学习网   *Mar 1 00:34:20.711: Vi1.1 PAP: O AUTH-ACK id 1 len 5

  //PAP认证通过

  pixfirewall# show vpdn session pppoe state

学习啦在线学习网   PPPoE Session Information (Total tunnels=1 sessions=1)

学习啦在线学习网   SessID TunID Intf State Last Chg

  3 1 outside SESSION_UP 2928 secs

  pixfirewall# show vpdn pppinterface //查看ppp会话,以及ppp认证方式

  PPP virtual interface id = 1

  PPP authentication protocol is PAP

学习啦在线学习网   Server ip address is 192.168.0.1

学习啦在线学习网   Our ip address is 200.0.0.1

  Transmitted Pkts: 122, Received Pkts: 121, Error Pkts: 0

  MPPE key strength is None

  MPPE_Encrypt_Pkts: 0, MPPE_Encrypt_Bytes: 0

学习啦在线学习网   MPPE_Decrypt_Pkts: 0, MPPE_Decrypt_Bytes: 0

学习啦在线学习网   Rcvd_Out_Of_Seq_MPPE_Pkts: 0

  pixfirewall#

相关文章

热门文章

569384