CCNP(ISCW)实验：配置Cisco PPPoE Server和Client(PAT的转换)

CCNP(ISCW)实验：配置Cisco PPPoE Server和Client(PAT的转换)

Client(config)#int dialer 0//进入拨号0口的配置模式Client(config-if)#ip add negotiated//配置ip地址类型为协商Client(config-if)#encapsulation ppp//定义封装类型为PPPClient(config-if)#dialer pool 1//定义拨号地址为1，必须与上面相符Client(config-if)#ppp chap hostname adminClient(config-if)#ppp chap password admin//以上两步为定义帐户名和密码Client(config)#ip route 0.0.0.0 0.0.0.0 dialer 0//一条出外网的静态路由

第二步：配置服务端Server(config)#username admin password admin//定义一个用户名与密码，客户端用这个用户名与密码登录Server(config)#vpdn enable//开启虚拟专用拨号网络Server(config)#vpdn-group ?WORD VPDN Group nameServer(config)#vpdn-group 1//定义vpdn组名称，我们在这里定义组名为1，但是在show run里没有显示Server(config-vpdn)#accept-dialin//定义接受拨号Server(config-vpdn-acc-in)#protocol pppoe//定义协议为PPPoE

% PPPoE config from vpdn-group is converted to pppoe-profile based config.% Continue PPPoE configuration under 'bba-group pppoe global'

Server(config-vpdn-acc-in)#exiServer(config-vpdn)#exi

Server(config)#bba-group pppoe global//进入PPPoE全局配置模式Server(config-bba-group)#virtual-template 1//创建一个虚模板Server(config-bba-group)#exiServer(config)#

Server(config)#int f0/0Server(config-if)#no ip addServer(config-if)#pppoe enableServer(config-if)#no sh

Server(config)#int virtual-template 1Server(config-if)#ip add 10.0.0.1 255.255.255.0Server(config-if)#peer default ip address pool liboServer(config-if)#ppp authentication chapServer(config-if)#exiServer(config)#ip local pool libo 10.0.0.10 10.0.0.20第三步：debug过程接下来我们看看PPPoE的发现和建立，在服务器端debug pppoe eventsMay 10 21:17:19.943: PPPoE 0: I PADI R:ca03.0cb4.0008 L:ffff.ffff.ffff Fa0/0May 10 21:17:19.943: Service tag: NULL Tag//以上为PPPoE的PADI阶段(初始化阶段，查找PPPoE服务器)，源mac地址为本地F0/0接口的地址，目标为全F，即广播地址

May 10 21:17:19.943: PPPoE 0: O PADO, R:ca04.0cb4.0008 L:ca03.0cb4.0008 Fa0/0May 10 21:17:19.947: Service tag: NULL Tag//以上为PPPoE的PADO阶段，单播回应，源mac为Server的F0/0

May 10 21:17:21.959: PPPoE 0: I PADR R:ca03.0cb4.0008 L:ca04.0cb4.0008 Fa0/0May 10 21:17:21.959: Service tag: NULL TagMay 10 21:17:21.959: PPPoE : encap string preparedMay 10 21:17:21.963: [4]PPPoE 3: Access IE handle allocatedMay 10 21:17:21.963: [4]PPPoE 3: pppoe SSS switch updatedMay 10 21:17:21.963: [4]PPPoE 3: AAA unique ID allocatedMay 10 21:17:21.963: [4]PPPoE 3: No AAA accounting method listMay 10 21:17:21.967: [4]PPPoE 3: Service request sent to SSSMay 10 21:17:21.967: [4]PPPoE 3: Created, Service: None R:ca04.0cb4.0008 L:ca03.0cb4.0008 Fa0/0May 10 21:17:21.971: [4]PPPoE 3: State NAS_PORT_POLICY_INQUIRY Event MORE_KEYS//以上为PPPoE的PADR阶段，单播请求建立链接

May 10 21:17:21.975: [4]PPPoE 3: O PADS R:ca03.0cb4.0008 L:ca04.0cb4.0008 Fa0/0May 10 21:17:21.979: [4]PPPoE 3: State PPP_START Event DYN_BIND*May 10 21:17:21.983: [4]PPPoE 3: data path set to PPP//以上为PADS阶段，如果用户名和密码正确，则分配ip地址，开始连入网络

May 10 21:17:24.175: [4]PPPoE 3: State LCP_NEGOTIATION Event PPP_LOCALMay 10 21:17:24.179: PPPoE 3/SB: Sent vtemplate request on base Vi1May 10 21:17:24.199: [4]PPPoE 3: State VACCESS_REQUESTED Event VA_RESPMay 10 21:17:24.199: [4]PPPoE 3: Vi1.1 interface obtainedMay 10 21:17:24.203: [4]PPPoE 3: State PTA_BINDING Event STAT_BINDMay 10 21:17:24.203: [4]PPPoE 3: data path set to Virtual Acess*May 10 21:17:24.203: [4]PPPoE 3: Connected PTA

//备注：这里还有一个PADT的阶段，这个为不成功，这里就不做演示了，如果学者用GNS3做实验的话，如果内在不够的话，会出现PADS--PADTR1-client#sh ip int bInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 unassigned YES unset up up FastEthernet0/1 unassigned YES unset administratively down down Virtual-Access1 unassigned YES unset up up Virtual-Access2 unassigned YES unset up up Dialer0 10.0.0.10 YES IPCP up up

R1-server#sh ip int bInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 unassigned YES unset up up FastEthernet0/1 unassigned YES unset administratively down down Virtual-Access1 unassigned YES unset up up Virtual-Access1.1 10.0.0.1 YES TFTP up up Virtual-Template1 10.0.0.1 YES manual down down Virtual-Access2 unassigned YES unset down down

第四步：配置客户端的PAT接下来配置PATClient(config)#int f0/1Client(config-if)#ip add 192.168.0.1 255.255.255.0Client(config-if)#ip nat insideClient(config-if)#no sh//定义inside接口

Client(config)#int dialer 0Client(config-if)#ip nat outside//定义outsie端

Client(config)#access-list 1 permit anyClient(config)#ip nat inside source list 1 interface dialer 0//对list进行关联

Client(config)#ip dhcp pool liboClient(dhcp-config)#network 192.168.0.0 /24Client(dhcp-config)#default-router 192.168.0.1Client(config)#ip dhcp excluded-address 192.168.0.1 192.168.0.9//以上为地址池的定义过程第五步：配置pc来看看pc上的配置pc3(config)#int f0pc3(config-if)#ip add dhcppc3(config-if)#no sh

pc3(config)#ip default-gateway 192.168.0.1

第六步：测试pc3#sh ip int bInterface IP-Address OK? Method Status ProtocolFastEthernet0 192.168.0.10 YES DHCP up up //上面可以看出接口通过DHCP获得到了ip地址

测试pc3# ping 1.1.1.1

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:.!!!!Success rate is 80 percent (4/5), round-trip min/avg/max = 48/79/100 ms

pc3#1.1.1.1Trying 1.1.1.1 ... Open

Server>exi

[Connection to 1.1.1.1 closed by foreign host]

Client#sh ip nat translationsPro Inside global Inside local Outside local Outside globalicmp 10.0.0.10:0 192.168.0.10:0 1.1.1.1:0 1.1.1.1:0tcp 10.0.0.10:11000 192.168.0.10:11000 1.1.1.1:23 1.1.1.1:23//上面可以看到PAT成功转换

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。