WA2200系列Fat AP的PPPoE Client功能的典型配置

WA2200系列Fat AP的PPPoE Client功能的典型配置

适用WA2200版本：Comware Software, Version 5.20, Ess 1104P02                            

一、组网需求

PPPoE在ADSL宽带接入中被广泛使用。通常情况下，一台主机如果要通过ADSL接入Internet，必须在主机上安装PPPoE客户端拨号软件。设备AP实现了PPPoE Client功能（即PPPoE的客户端拨号功能），用户可以不用在Host上安装PPPoE客户端软件即可接入Internet。

Router的Ethernet 0/1接口连接IP网络，AP的Ethernet 1/0/1通过Modem连接到PSTN网络，DSLAM连接PSTN网络与IP网络。要求Router用PAP、CHAP两种方式验证AP。使AP作为PPPoE客户端连接上PPPoE Server。假设整个网络所使用的IP地址都处于同一网段。

PPPoE的认证方式有两种：PAP和CHAP。下文的配置步骤会对这两种情况分开说明。

二、Router的主要配置

方案一：PAP认证

# 增加一个PPPoE用户

<Router> system-view

[Router] local-user user2

[Router-luser-user2] password simple hello

[Router-luser-user2] service-type ppp

[Router-luser-user2] quit

# 配置虚拟模板参数

[Router] interface virtual-template 1

[Router-Virtual-Template1] ppp authentication-mode pap

[Router-Virtual-Template1] ip address 1.1.1.1 255.0.0.0

[Router-Virtual-Template1] remote address 1.1.1.2

[Router-Virtual-Template1] quit

# 配置PPPoE Server。

[Router] interface ethernet 0/1

[Router-Ethernet0/1] pppoe-server bind virtual-template 1

方案二：CHAP认证

# 增加一个PPPoE用户

<Router> system-view

[Router] local-user user2

[Router-luser-user2] password simple hello

[Router-luser-user2] service-type ppp

[Router-luser-user2] quit

# 配置虚拟模板参数

[Router] interface virtual-template 1

[Router-Virtual-Template1] ppp authentication-mode chap

[Router-Virtual-Template1] ppp chap user user1

[Router-Virtual-Template1] ip address 1.1.1.1 255.0.0.0

[Router-Virtual-Template1] remote address 1.1.1.2

[Router-Virtual-Template1] quit

# 配置PPPoE Server

[Router] interface ethernet 0/1

[Router-Ethernet0/1] pppoe-server bind virtual-template 1

[Router-Ethernet0/1] quit

三、WA2200的主要配置

配置信息

方案一：PAP认证

[AP]display current-configuration

……

interface Dialer1

 link-protocol ppp

 ppp pap local-user user2 password simple hello

 ip address ppp-negotiate

 dialer user user2

 dialer-group 1

 dialer bundle 1

#

interface Vlan-interface1

 pppoe-client dial-bundle-number 1

#

dialer-rule 1 ip permit

#

return

方案二：CHAP认证

[AP]display current-configuration

……

local-user user1

#

……

interface Dialer1

 link-protocol ppp

 ppp chap user user2

 ip address ppp-negotiate

 dialer user user2

 dialer-group 1

 dialer bundle 1

#

interface NULL0

#

interface Vlan-interface1

 pppoe-client dial-bundle-number 1

#

interface Ethernet1/0/1

…… 

主要配置步骤

方案一：PAP认证

# 配置AP作为PPPoE Client

<AP> system-view

[AP] dialer-rule 1 ip permit

[AP] interface dialer 1

[AP-Dialer1] dialer user user2

[AP-Dialer1] dialer-group 1

[AP-Dialer1] dialer bundle 1

[AP-Dialer1] ip address ppp-negotiate

[AP-Dialer1] ppp pap local-user user2 password simple hello

[AP-Dialer1] quit

# 配置PPPoE会话。

[AP] interface Vlan-interface 1

[AP-Vlan-interface1] pppoe-client dial-bundle-number 1

方案二：CHAP认证

#  配置AP作为PPPoE Client

<AP> system-view

[AP] dialer-rule 1 ip permit

[AP] interface dialer 1

[AP-Dialer1] dialer user user2

[AP-Dialer1] dialer-group 1

[AP-Dialer1] dialer bundle 1

[AP-Dialer1] ip address ppp-negotiate

[AP-Dialer1] ppp chap user user2

[AP-Dialer1] quit

[AP] local-user user1

[AP-luser-user1] password simple hello

[AP-luser-user1] quit

# 配置PPPoE会话。

[AP] interface Vlan-interface 1

[AP-Vlan-interface1] pppoe-client dial-bundle-number 1

四、验证结果

可以有两种方式来验证该配置的结果：

通过查看接口、看拨号接口是否UP、是否获取IP地址

[AP]display brief interface

The brief information of interface(s) under route mode:

Interface            Link      Protocol-link  Protocol type    Main IP

Dia1                 UP        UP             PPP              1.1.1.2

NULL0                UP        UP(spoofing)   NULL             --

Vlan1                UP        DOWN           ETHERNET         --

WLAN-Radio1/0/1      UP        UP             DOT11            --

WLAN-Radio1/0/2      UP        UP             DOT11            --

 

The brief information of interface(s) under bridge mode:

Interface            Link      Speed     Duplex   Link-type  PVID

Eth1/0/1             UP        100M(a)   full(a)  access     1

从WA2200侧ping服务器端接口的IP地址，看能否ping通

[AP]ping 1.1.1.1

  PING 1.1.1.1: 56  data bytes, press CTRL_C to break

    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=255 time=3 ms

    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms

    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=255 time=3 ms

    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=255 time=3 ms

    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=255 time=3 ms

 

  --- 1.1.1.1 ping statistics ---

    5 packet(s) transmitted

    5 packet(s) received

    0.00% packet loss

    round-trip min/avg/max = 3/3/3 ms