WA2200系列Fat AP的PPPoE Client功能的典型配置
适用WA2200版本:Comware Software, Version 5.20, Ess 1104P02
一、组网需求
PPPoE在ADSL宽带接入中被广泛使用。通常情况下,一台主机如果要通过ADSL接入Internet,必须在主机上安装PPPoE客户端拨号软件。设备AP实现了PPPoE Client功能(即PPPoE的客户端拨号功能),用户可以不用在Host上安装PPPoE客户端软件即可接入Internet。
Router的Ethernet 0/1接口连接IP网络,AP的Ethernet 1/0/1通过Modem连接到PSTN网络,DSLAM连接PSTN网络与IP网络。要求Router用PAP、CHAP两种方式验证AP。使AP作为PPPoE客户端连接上PPPoE Server。假设整个网络所使用的IP地址都处于同一网段。
PPPoE的认证方式有两种:PAP和CHAP。下文的配置步骤会对这两种情况分开说明。
二、Router的主要配置
方案一:PAP认证
# 增加一个PPPoE用户
<Router> system-view
[Router] local-user user2
[Router-luser-user2] password simple hello
[Router-luser-user2] service-type ppp
[Router-luser-user2] quit
# 配置虚拟模板参数
[Router] interface virtual-template 1
[Router-Virtual-Template1] ppp authentication-mode pap
[Router-Virtual-Template1] ip address 1.1.1.1 255.0.0.0
[Router-Virtual-Template1] remote address 1.1.1.2
[Router-Virtual-Template1] quit
# 配置PPPoE Server。
[Router] interface ethernet 0/1
[Router-Ethernet0/1] pppoe-server bind virtual-template 1
方案二:CHAP认证
# 增加一个PPPoE用户
<Router> system-view
[Router] local-user user2
[Router-luser-user2] password simple hello
[Router-luser-user2] service-type ppp
[Router-luser-user2] quit
# 配置虚拟模板参数
[Router] interface virtual-template 1
[Router-Virtual-Template1] ppp authentication-mode chap
[Router-Virtual-Template1] ppp chap user user1
[Router-Virtual-Template1] ip address 1.1.1.1 255.0.0.0
[Router-Virtual-Template1] remote address 1.1.1.2
[Router-Virtual-Template1] quit
# 配置PPPoE Server
[Router] interface ethernet 0/1
[Router-Ethernet0/1] pppoe-server bind virtual-template 1
[Router-Ethernet0/1] quit
三、WA2200的主要配置
配置信息
方案一:PAP认证
[AP]display current-configuration
……
interface Dialer1
link-protocol ppp
ppp pap local-user user2 password simple hello
ip address ppp-negotiate
dialer user user2
dialer-group 1
dialer bundle 1
#
interface Vlan-interface1
pppoe-client dial-bundle-number 1
#
dialer-rule 1 ip permit
#
return
方案二:CHAP认证
[AP]display current-configuration
……
local-user user1
#
……
interface Dialer1
link-protocol ppp
ppp chap user user2
ip address ppp-negotiate
dialer user user2
dialer-group 1
dialer bundle 1
#
interface NULL0
#
interface Vlan-interface1
pppoe-client dial-bundle-number 1
#
interface Ethernet1/0/1
……
主要配置步骤
方案一:PAP认证
# 配置AP作为PPPoE Client
<AP> system-view
[AP] dialer-rule 1 ip permit
[AP] interface dialer 1
[AP-Dialer1] dialer user user2
[AP-Dialer1] dialer-group 1
[AP-Dialer1] dialer bundle 1
[AP-Dialer1] ip address ppp-negotiate
[AP-Dialer1] ppp pap local-user user2 password simple hello
[AP-Dialer1] quit
# 配置PPPoE会话。
[AP] interface Vlan-interface 1
[AP-Vlan-interface1] pppoe-client dial-bundle-number 1
方案二:CHAP认证
# 配置AP作为PPPoE Client
<AP> system-view
[AP] dialer-rule 1 ip permit
[AP] interface dialer 1
[AP-Dialer1] dialer user user2
[AP-Dialer1] dialer-group 1
[AP-Dialer1] dialer bundle 1
[AP-Dialer1] ip address ppp-negotiate
[AP-Dialer1] ppp chap user user2
[AP-Dialer1] quit
[AP] local-user user1
[AP-luser-user1] password simple hello
[AP-luser-user1] quit
# 配置PPPoE会话。
[AP] interface Vlan-interface 1
[AP-Vlan-interface1] pppoe-client dial-bundle-number 1
可以有两种方式来验证该配置的结果:
通过查看接口、看拨号接口是否UP、是否获取IP地址
[AP]display brief interface
The brief information of interface(s) under route mode:
Interface Link Protocol-link Protocol type Main IP
Dia1 UP UP PPP 1.1.1.2
NULL0 UP UP(spoofing) NULL --
Vlan1 UP DOWN ETHERNET --
WLAN-Radio1/0/1 UP UP DOT11 --
WLAN-Radio1/0/2 UP UP DOT11 --
The brief information of interface(s) under bridge mode:
Interface Link Speed Duplex Link-type PVID
Eth1/0/1 UP 100M(a) full(a) access 1
从WA2200侧ping服务器端接口的IP地址,看能否ping通
[AP]ping 1.1.1.1
PING 1.1.1.1: 56 data bytes, press CTRL_C to break
Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=255 time=3 ms
Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=255 time=3 ms
Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=255 time=3 ms
Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=255 time=3 ms
Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=255 time=3 ms
--- 1.1.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/3/3 ms
该案例暂时没有网友评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作