学习啦 > 学习电脑 > 网络知识 > 路由器 > 路由器设置 > cisco思科 > cisco PIX上配置PPPOE Client与PPPOE SERVER通信

cisco PIX上配置PPPOE Client与PPPOE SERVER通信

时间: 权威724 分享

cisco PIX上配置PPPOE Client与PPPOE SERVER通信

  思科cisco依靠自身的技术和对网络经济模式的深刻理解,使其成为了网络应用的成功实践者之一,那么你知道cisco PIX上配置PPPOE Client与PPPOE SERVER通信吗?下面是学习啦小编整理的一些关于cisco PIX上配置PPPOE Client与PPPOE SERVER通信的相关资料,供你参考。

学习啦在线学习网   cisco PIX上配置PPPOE Client与PPPOE SERVER通信:

  拓扑图

  1,说明

  ü Cisco 1721来模拟PPPOE SERVER

  üPIX501来模拟PPPOE Client

  2,实验过程

  配置CISCO 1721为PPPOE SERVER

学习啦在线学习网   //首先底层配置,这没什么说的,大家已经非常熟悉了~~

  Router(config)#no ip domain-lookup

学习啦在线学习网   Router(config)#line console 0

学习啦在线学习网   Router(config-line)#exec-timeout 0 0

学习啦在线学习网   Router(config-line)#logg syn

学习啦在线学习网   Router(config-line)#host PPPOE_SERVER

  PPPOE_SERVER(config)#int e0/0

  PPPOE_SERVER(config-if)#ip add 192.168.0.1 255.255.255.0

  PPPOE_SERVER(config-if)#no sh

  PPPOE_SERVER(config-if)#pppoe enable //接口下开启PPPOE 会话功能

  PPPOE_SERVER(config-if)#exit

  PPPOE_SERVER(config)#vpdn enable //全局开启VPDN服务

学习啦在线学习网   PPPOE_SERVER(config)#vpdn-group PPPOE //创建VPDN拨号组,此处我设置的名称为PPPOE,注意这里创建的组名要和PIX上启用的VPDN组名要一致,不然pppoe session会话失败

学习啦在线学习网   PPPOE_SERVER(config-vpdn)#accept-dialin //接受拨号请求

  PPPOE_SER(config-vpdn-acc-in)#protocol pppoe //指定会话协议为pppoe

  PPPOE_SER(config-vpdn-acc-in)#virtual-template 1 //创建虚模板 1,表示第几个虚模板,创建虚模板之后,会立即看见Virtual-Access1, changed state to up

学习啦在线学习网   PPPOE_SER(config-vpdn-acc-in)#end

学习啦在线学习网   *Mar 1 00:06:27.707: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

  *Mar 1 00:06:28.707: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up

  PPPOE_SERVER#conf t

学习啦在线学习网   Enter configuration commands, one per line. End with CNTL/Z.

  PPPOE_SERVER(config)#int virtual-template 1 //进入虚模板1

学习啦在线学习网   PPPOE_SERVER(config-if)#ip unnumbered e0/0 //此处不要给虚模板配置IP地址,建议使用ip unnumbered 向物理接口E0/0借用,因为E0/0接口为outside接口,已开启pppoe enable

学习啦在线学习网   PPPOE_SERVER(config-if)#ppp authentication pap //指定ppp认证方式为pap,采用认证方式为PAP,认证过程会话用户名和密码为明文,你可以采用chap

  PPPOE_SERVER(config-if)#peer default ip address pool ADSL //指定地址池的名称为ADSL,可以随意指定名称,但要和下面的地址池名称一致

  PPPOE_SERVER(config-if)#exit

学习啦在线学习网   PPPOE_SERVER(config)#ip local pool ADSL 200.0.0.1 200.0.0.10 //指定地址池的地址范围,这个地址范围必须是连续的

  PPPOE_SERVER(config)#username wangwanli password wangwanli //指定pppoe拨号的用户名和密码

  PPPOE_SERVER(config)#end

  到此PPPOE_SERVER上配置已全部完成

  PIX上进行配置

  pixfirewall> enable

  Password:

  pixfirewall#

  pixfirewall# conf t

学习啦在线学习网   pixfirewall(config)# vpdn group PPPOE request dialout pppoe //指定vpdn会话名称PPPOE,这个名称与pppoe server上的VPDN组名是一致的

学习啦在线学习网   pixfirewall(config)# vpdn group PPPOE localname wangwanli //指定vpdn本地用户名

  pixfirewall(config)# vpdn ?

  configure mode commands/options:

学习啦在线学习网   group Keyword to specify a group name

  username Keyword to configure username

  pixfirewall(config)# vpdn group PPPOE ppp authentication pap //指定ppp认证方式为pap,与pppoe server认证方式一致

学习啦在线学习网   pixfirewall(config)# vpdn username wangwanli password wangwanli //指定拨号的用户名和密码

  pixfirewall(config)# int e1

学习啦在线学习网   pixfirewall(config-if)# no sh //激活接口

学习啦在线学习网   pixfirewall(config-if)# nameif outside //定义接口为outside,默认的安全级别为0

  INFO: Security level for "outside" set to 0 by default.

  pixfirewall(config-if)# ip address pppoe setroute //从pppoe 服务器获得IP地址

  pixfirewall(config-if)# end

  到此PIX上的配置已经完成,如下是调试现象

学习啦在线学习网   pixfirewall# debug ppp auth //打开ppp 认证调试

学习啦在线学习网   pixfirewall# debug pppoe event //打开pppoe 拨号事件请求

  debug pppoe event enabled at level 1

学习啦在线学习网   pixfirewall# show ip address outside ?

  dhcp Show DHCP lease information

  pppoe Show PPPoE interface information

  | Output modifiers

  pixfirewall# show ip address outside pppoe

学习啦在线学习网   //PIX上完成拨号之后,查看得到的IP地址

  PPPoE Assigned IP addr: 200.0.0.1 255.255.255.255 on Interface: outside

  Remote IP addr: 192.168.0.1

  pixfirewall# show route

  Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

  D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

  N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

学习啦在线学习网   E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

学习啦在线学习网   i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

学习啦在线学习网   * - candidate default, U - per-user static route, o - ODR

学习啦在线学习网   P - periodic downloaded static route

  Gateway of last resort is 192.168.0.1 to network 0.0.0.0

  S* 0.0.0.0 0.0.0.0 [1/0] via 192.168.0.1, outside

学习啦在线学习网   //查看路由表自动生成一条缺省路由

学习啦在线学习网   pixfirewall# show interface ip brief

  Interface IP-Address OK? Method Status Protocol

  Ethernet0 unassigned YES unset administratively down up

  Ethernet1 200.0.0.1 YES manual up up

学习啦在线学习网   Ethernet2 unassigned YES unset up up

  Ethernet3 unassigned YES unset administratively down up

  pixfirewall# ping 192.168.0.1

学习啦在线学习网   Type escape sequence to abort.

  Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:

  !!!!!

  Success rate is 100 percent (5/5), round-trip min/avg/max = 10/20/50 ms

  //通过ping测试PIX与PPPOE SERVER是可以正常通信的

学习啦在线学习网   pixfirewall# sh ip

学习啦在线学习网   //PIX上接口IP地址信息

  System IP Addresses:

学习啦在线学习网   Interface Name IP address Subnet mask Method

  Ethernet1 outside 200.0.0.1 255.255.255.255 manual

  Current IP Addresses:

学习啦在线学习网   Interface Name IP address Subnet mask Method

学习啦在线学习网   Ethernet1 outside 200.0.0.1 255.255.255.255 manua

  PPPOE_SERVER#show pppoe session all //查看pppoe session 所有会话详细信息

学习啦在线学习网   Total PPPoE sessions 1

  PPPoE Session Information

学习啦在线学习网   session id: 1

  local MAC address: cc9f.0788.0000, remote MAC address: 00aa.0001.0102

  virtual access interface: Vi1.1, outgoing interface: Et0/0

  117 packets sent, 117 received

学习啦在线学习网   1915 bytes sent, 1934 received

学习啦在线学习网   现在我把PIX上的E1接口重新关闭之后,再打开,再来观察一下PIX上的pppoe 的会话过程与PPPOE SERVER上的看到的pppoe 会话的四个过程,PADI---PADO-PADR-PADS 四个过程

学习啦在线学习网   pixfirewall# conf t

  pixfirewall(config)# int e1

  pixfirewall(config-if)# sh

  PPPoE: Shutting down client session

学习啦在线学习网   PPPoE: padi timer expired

  PPPoE: padi timer expired

  pixfirewall(config-if)# no sh

  pixfirewall# PPPoE: send_padi:(Snd) Dest:ffff.ffff.ffff Src:00aa.0001.0102 Type:0x8863=PPPoE-Discovery

  //开始发送广播,寻找PPPOE SERVER

  PPPoE: Ver:1 Type:1 Code:09=PADI Sess:0 Len:12

学习啦在线学习网   PPPoE: Type:0101:SVCNAME-Service Name Len:0

  PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

  PPPoE: 00000001

  PPPoE: PPPoE:(Rcv) Dest:00aa.0001.0102 Src:cc9f.09e4.0000 Type:0x8863=PPPoE-Discovery

学习啦在线学习网   PPPoE: Ver:1 Type:1 Code:07=PADO Sess:0 Len:48

  PPPoE: Type:0101:SVCNAME-Service Name Len:0

学习啦在线学习网   PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

学习啦在线学习网   PPPoE: 00000001

  PPPoE: Type:0102:ACNAME-AC Name Len:12

学习啦在线学习网   PPPoE: PPPOE_Server

学习啦在线学习网   PPPoE: Type:0104:ACCOOKIE-AC Cookie Len:16

学习啦在线学习网   PPPoE: 9682A160

  PPPoE: 3EDB1E03

学习啦在线学习网   PPPoE: DDDF8016

  PPPoE: 2E032E1C

  PPPoE:

学习啦在线学习网   PPPoE: PADO

  PPPoE: send_padr:(Snd) Dest:cc9f.09e4.0000 Src:00aa.0001.0102 Type:0x8863=PPPoE-Discovery

学习啦在线学习网   PPPoE: Ver:1 Type:1 Code:19=PADR Sess:0 Len:48

  PPPoE: Type:0101:SVCNAME-Service Name Len:0

  PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

  PPPoE: 00000001

学习啦在线学习网   PPPoE: Type:0102:ACNAME-AC Name Len:12

  PPPoE: PPPOE_Server

  PPPoE: Type:0104:ACCOOKIE-AC Cookie Len:16

  PPPoE: 9682A160

学习啦在线学习网   PPPoE: 3EDB1E03

学习啦在线学习网   PPPoE: DDDF8016

  PPPoE: 2E032E1C

  PPPoE:

  PPPoE: PPPoE:(Rcv) Dest:00aa.0001.0102 Src:cc9f.09e4.0000 Type:0x8863=PPPoE-Discovery

  PPPoE: Ver:1 Type:1 Code:65=PADS Sess:3 Len:48

  PPPoE: Type:0101:SVCNAME-Service Name Len:0

  PPPoE: Type:0103:HOSTUNIQ-Host Unique Tag Len:4

  PPPoE: 00000001

学习啦在线学习网   PPPoE: Type:0102:ACNAME-AC Name Len:12

  PPPoE: PPPOE_Server

  PPPoE: Type:0104:ACCOOKIE-AC Cookie Len:16

  PPPoE: 9682A160

学习啦在线学习网   PPPoE: 3EDB1E03

学习啦在线学习网   PPPoE: DDDF8016

学习啦在线学习网   PPPoE: 2E032E1C

  PPPoE:

学习啦在线学习网   PPPoE: PADS

  PPPoE: IN PADS from PPPoE tunnel

  PPPoE: Opening PPP link and starting negotiations.

  到这里PIX上的pppoe 会话已经结束,已经得到从PPPOE SERVER上分配的地址

学习啦在线学习网   PPPOE SERVER上开启debug之后,收到PIX上的PPPOE 会话请求

  PPPOE_SERVER#

学习啦在线学习网   *Mar 1 00:34:17.583: PPPoE 0: I PADI R:00aa.0001.0102 L:ffff.ffff.ffff Et0/0

  *Mar 1 00:34:17.583: PPPoE 0: O PADO, R:00aa.0001.0102 L:cc9f.0788.0000 Et0/0

  *Mar 1 00:34:17.639: PPPoE 0: I PADR R:00aa.0001.0102 L:cc9f.0788.0000 Et0/0

  *Mar 1 00:34:17.639: PPPoE : encap string prepared

学习啦在线学习网   *Mar 1 00:34:17.639: [2]PPPoE 2: Access IE handle allocated

  *Mar 1 00:34:17.639: [2]PPPoE 2: pppoe SSS switch updated

学习啦在线学习网   *Mar 1 00:34:17.639: [2]PPPoE 2: AAA unique ID allocated

  *Mar 1 00:34:17.643: [2]PPPoE 2: No AAA accounting method list

学习啦在线学习网   *Mar 1 00:34:17.643: [2]PPPoE 2: Service request sent to SSS

学习啦在线学习网   *Mar 1 00:34:17.643: [2]PPPoE 2: Created R:cc9f.0788.0000 L:00aa.0001.0102 Et0/0

  *Mar 1 00:34:17.647: [2]PPPoE 2: State REQ_NASPORT Event MORE_KEYS

学习啦在线学习网   *Mar 1 00:34:17.647: [2]PPPoE 2: O PADS R:00aa.0001.0102 L:cc9f.0788.0000 Et0/0

学习啦在线学习网   *Mar 1 00:34:17.651: ppp2 PPP: Using default call direction

学习啦在线学习网   *Mar 1 00:34:17.651: ppp2 PPP: Treating connection as a dedicated line

  *Mar 1 00:34:17.651: ppp2 PPP: Session handle[73000003] Session id[2]

  *Mar 1 00:34:17.651: ppp2 PPP: Authorization required

  *Mar 1 00:34:17.655: [2]PPPoE 2: State START_PPP Event DYN_BIND

学习啦在线学习网   *Mar 1 00:34:17.655: [2]PPPoE 2: data path set to PPP

学习啦在线学习网   PPPOE_SERVER#

学习啦在线学习网   *Mar 1 00:34:20.679: ppp2 PAP: I AUTH-REQ id 1 len 24 from "wangwanli"

  *Mar 1 00:34:20.679: ppp2 PAP: Authenticating peer wangwanli

  *Mar 1 00:34:20.687: ppp2 PPP: Sent PAP LOGIN Request

  *Mar 1 00:34:20.687: ppp2 PPP: Received LOGIN Response PASS

学习啦在线学习网   *Mar 1 00:34:20.691: [2]PPPoE 2: State LCP_NEGO Event PPP_LOCAL

  *Mar 1 00:34:20.691: PPPoE 2/SB: Sent vtemplate request on base Vi1

  *Mar 1 00:34:20.699: [2]PPPoE 2: State CREATE_VA Event VA_RESP

学习啦在线学习网   *Mar 1 00:34:20.699: [2]PPPoE 2: Vi1.1 interface obtained

  *Mar 1 00:34:20.699: [2]PPPoE 2: State PTA_BIND Event STAT_BIND

学习啦在线学习网   *Mar 1 00:34:20.699: [2]PPPoE 2: data path set to Virtual Acess

  PPPOE_SERVER#

学习啦在线学习网   *Mar 1 00:34:20.703: [2]PPPoE 2: Connected PTA

  *Mar 1 00:34:20.707: Vi1.1 PPP: Sent LCP AUTHOR Request

  *Mar 1 00:34:20.707: Vi1.1 PPP: Sent IPCP AUTHOR Request

  *Mar 1 00:34:20.711: Vi1.1 LCP: Received AAA AUTHOR Response PASS

学习啦在线学习网   *Mar 1 00:34:20.711: Vi1.1 IPCP: Received AAA AUTHOR Response PASS

  *Mar 1 00:34:20.711: Vi1.1 PAP: O AUTH-ACK id 1 len 5

  //PAP认证通过

学习啦在线学习网   pixfirewall# show vpdn session pppoe state

  PPPoE Session Information (Total tunnels=1 sessions=1)

学习啦在线学习网   SessID TunID Intf State Last Chg

学习啦在线学习网   3 1 outside SESSION_UP 2928 secs

  pixfirewall# show vpdn pppinterface //查看ppp会话,以及ppp认证方式

  PPP virtual interface id = 1

学习啦在线学习网   PPP authentication protocol is PAP

学习啦在线学习网   Server ip address is 192.168.0.1

  Our ip address is 200.0.0.1

  Transmitted Pkts: 122, Received Pkts: 121, Error Pkts: 0

  MPPE key strength is None

  MPPE_Encrypt_Pkts: 0, MPPE_Encrypt_Bytes: 0

  MPPE_Decrypt_Pkts: 0, MPPE_Decrypt_Bytes: 0

  Rcvd_Out_Of_Seq_MPPE_Pkts: 0

  pixfirewall#

相关文章

热门文章

569384