cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
111206
Views
31
Helpful
12
Comments

This is an example of configuring PPPoE in a back-to-back scenario. The objective here is to simulate a PPPoE server (typically found on the ISP end)

Client--Fa0/0----------------------------------------Fa0/0--Server

In this example, we're using 2 routers connected back-to-back on their Fa0/0 ports. Here're the parameters being simulated

1. Authentication using Chap/Pap (Username: cisco, password: sisco)

2. Client being authenticated by the server (one way authentication)

3. IP address being negotiated using IPCP

Here's the relevant configuration needed on the client router

interface FastEthernet0/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip virtual-reassembly

ip tcp adjust-mss 1452

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface Dialer1

ip address negotiated

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication pap chap callin

ppp pap sent-username cisco password sisco

ppp chap hostname cisco

ppp chap password sisco

!

ip route 0.0.0.0 0.0.0.0 Dialer1

Here's the relevant configuration needed on the Server

username cisco password sisco

!

bba-group pppoe global

virtual-template 1

!

interface FastEthernet0/0

ip address 10.252.102.49 255.255.255.240

ip rip advertise 4

load-interval 30

duplex auto

speed auto

pppoe enable group global

!

interface Virtual-Template1

mtu 1492

ip unnumbered FastEthernet0/0

peer default ip address pool pppoepool

ppp authentication pap chap

!

ip local pool pppoepool 10.10.10.1 10.10.10.200

!

Here's how the flow will be

1. Client negotiates PPPoE using PADo, PADi and PADr with the server, both client and server move into PPP-->LCP phase

2. Client/Server negotiate authentication, other parameters

3. Server asks the client for a username/password (using pap, as pap is configured before chap)

4. Client sends out a username/password configured in it's dialer

5. Server authenticates this username/password against its global username/password list (alternatively a AAA/Radius server)

6. Client and Server both move on to IPCP phase

7. Client sends an ip address of 0.0.0.0 (asking for an ip address from the Server)

8. Server hands out an IP address from its pool (in this case pppoepool)

9. Client/Server finish IPCP phase and the link comes up

At this time, the link should be up and able to pass traffic

Comments
snarayanaraju
Level 4
Level 4

Hi Ronit,

A very good article. Thanks for contributing.

Ovidiu Serbu
Community Member

WTB some debug commands for the 1 - 9 stages

but it's a nice article, even old, still should work, gonna try it for sure, cause i need to play with pppoe a bit .

skapadi
Cisco Employee
Cisco Employee

Hi,

What is best pratice for configuring ip address in server interface, physical interface or virtual-template.

Is it documented anywhere?

Thanks.

francisgamo
Level 1
Level 1

Thanks for this grean info.

darrinmcland
Community Member

Thanks, worked fine, I did add NAT and DHCP

be sure to use the "IP NAT OUTSIDE" on the dialer 1 interface, and overload statement on the NAT command

Cheers

DRM

Roberto Soto
Level 1
Level 1

Hello darrinmcland, where do you apply the IP NAT OUTSIDE on the fast Ethernet interface or dialer interface? I just a bit confuse on to where to apply NAT.

Ovidiu Serbu
Community Member

the outside interface is dialer.

so the outside statements goes there, 

the accesslists also go here on the dialer.

 

dialer is your "wan".

vinciffs1
Level 1
Level 1

Isn't that supposed to be ip mtu 1492 instead of simply mtu?

kevintang
Level 1
Level 1

Hi,

Rolitto
Level 1
Level 1

Amazing, I'm going to simulate it hopefully soon if I have some free time.

MannyMiami
Level 1
Level 1

!CONFIG CCNA PPPoE SERVER 2 Rs
!
!2 Rs connected using G0/1 in both routers
!
!
!january 2020 THIS CONF DID'T work in Cisco Packet Tracer
! I used VMWare with GNS3
! I bought a cisco VIRL L3 'device'
! MY laptop i5 I gave my VMWare GNS3 3 core and half my RAM 16gb
!
!
!ROUTER 'ISP'
en
conf t
ho ISP
line con 0
logging sync
no ip domain-loo
!
!
!CREANDO USERNAME Y PASSPORD
!CONFIG USERNAME AND PASSWORD
!
username cisco password sisco
!
!
bba-group pppoe global
virtual-template 1
!
!
!LUEGO VOY A INTERFACE FISICA Q USARE JUNTO CON DIALER1 PARA CREAR LA VIRTUAL-ACCESS INTERFACE
!THEN OPEN INTERFACE WE WILL USE TO 'PAIR' WITH DIALER1 TO CREATE THE VIRTUAL-ACCESS INTERFACE
!
int g0/0
ip add 10.12.0.1
ip rip advertise 4
load-interval 30
pppoe enable group PPPOE
no shut
!
!
!CREANDO INT LoopBack 0
!
int l0
ip add 1.1.1.1 255.255.255.0
!
!
!CONFIG INT VIRTUAL-TEMPLATE 1
!
int virtual-template 1
mtu 1492
ip unnumbered g0/1
encap ppp
ppp authentication pap chap
peer default ip add pool PPPoEPool
!
!
!CREANDO EL POOL LOCAL
!
en
conf
ip local pool PPPoEPool 10.0.0.1 10.0.0.10
!
!
!CREANDO PPPoE-CLIENT 2Rs!!!!!!!!!!!!!!
!CONFIG PPPoE-CLIENT 2Rs!!!!!!!!!!!!!!
!
en
conf t
ho R1
line con 0
logging sync
no ip domain-loo
!
!
!INTERFACE FISICA CONECTADA A ISP ROUTER
!PHYSICAL INTERFACE CONNECTED TO ISP ROUTER
int g0/1
no shut
pppoe enable
pppoe-client dial-pool-number 1
!
!
! CREANDO INTERFACE VIRTUAL DIALER 1
! CONFIG INTERFACE VIRTUAL DIALER 1
int dialer 1
ip add negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap chap callin
ppp pap sent-username cisco password sisco
ppp chap hostname cisco
ppp chap password sisco
!
!
!CREANDO IP ROUTE TO EXIT FOR DIALER 1
ip route 0.0.0.0 0.0.0.0 dialer1
!
!
!GOOD LUCK, BUONA FORTUNA, BUENA SUERTE, VIEL GLUECK !!!!

 

 

 

 

 

MannyMiami
Level 1
Level 1

I working in my CCNA but I dont like NOT to know how something works

so I decided learn better PPPoE also from the server perspective

so, thanks a lot RONIT

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking for a $25 gift card