至顶网›网络频道 ›案例介绍：使用ACS SERVER认证PPPOE配置

案例介绍：使用ACS SERVER认证PPPOE配置

扫一扫
分享文章到微信
扫一扫
关注官方公众号
至顶头条

对于PPPoE的实际应用案例，我们讲解的比较少。那么这里我们则讲解一下用ACS SERVER认证PPPOE的实例.网络设计的目的:是路由器下的用户用PPPOE客户端从AAA SERVER 10.72.254.125/10.72.253.7进行认证上网.

2010年9月8日

关键字：网络 PPPoE

在用ACS SERVER认证PPPOE配置的过程中，我们需要对路由器进行一下设置：

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

hostname xxxxxxx

aaa new-model

aaa group server radius pppoe

server 10.72.254.125 auth-port 1645 acct-port 1646

server 10.72.253.7 auth-port 1645 acct-port 1646

aaa authentication ppp default group pppoe

aaa authorization network default group pppoe

aaa accounting network default start-stop group pppoe

aaa session-id common

enable secret 5 $1$nXz9$VFWaAXNkq/JfBUj4hn.Kx/

username xxx password 0 xxxxxx

ip subnet-zero

ip domain-name xxxxxx

ip name-server xxx.xxx.xxx

ip audit notify log

ip audit po max-events 100

ip ssh time-out 120

ip ssh authentication-retries 3

vpdn enable

vpdn-group PPPOE

accept-dialin

protocol pppoe

virtual-template 10

pppoe limit max-sessions 500

vpdn-group pppoe

pppoe-forwarding

async-bootp dns-server xxx.xxx.xxx.xxx

crypto mib ipsec flowmib history tunnel size 200

crypto mib ipsec flowmib history failure size 200

interface Loopback0

ip address 10.75.255.240 255.255.255.255

interface GigabitEthernet0/0

no ip address

duplex full

speed 100

media-type rj45

pppoe enable

interface GigabitEthernet0/0.2

encapsulation dot1Q 2

pppoe enable

interface GigabitEthernet0/0.3

encapsulation dot1Q 3

pppoe enable

interface GigabitEthernet0/0.507

description jxtvnet-fengyuan-office

encapsulation dot1Q 507

pppoe enable

interface GigabitEthernet0/0.699

description pppoe-access-vlans

encapsulation dot1Q 699

pppoe enable

interface GigabitEthernet0/0.701

description Department DATA office-yangxiaodong

encapsulation dot1Q 701

pppoe enable

interface GigabitEthernet0/0.802

description Jing-mao-wei

encapsulation dot1Q 802

ip address 10.72.243.1 255.255.255.248

pppoe enable

interface GigabitEthernet0/0.805

description Guo-tu-ting

encapsulation dot1Q 805

ip address 10.72.242.1 255.255.255.248

pppoe enable

interface GigabitEthernet0/0.806

description Shang-jian-ju

encapsulation dot1Q 806

ip address 172.19.1.1 255.255.255.248

pppoe enable

interface GigabitEthernet0/0.807

description Fang-zhi-ji-tuan

encapsulation dot1Q 807

ip address 172.19.5.1 255.255.255.248

pppoe enable

interface GigabitEthernet0/0.808

description Wen-jiao-lu-xiao-qu

encapsulation dot1Q 808

pppoe enable

interface GigabitEthernet0/0.810

description Yi-zhi

encapsulation dot1Q 810

ip address 172.19.7.1 255.255.255.248

pppoe enable

interface GigabitEthernet0/0.811

description zhong-zi-guan-li-zhan

encapsulation dot1Q 811

pppoe enable

interface GigabitEthernet0/0.814

description Yen-yei-gong-shi

encapsulation dot1Q 814

pppoe enable

interface GigabitEthernet0/0.815

description Xin-hua-shu-dian

encapsulation dot1Q 815

pppoe enable

interface GigabitEthernet0/1

ip address 10.72.207.245 255.255.255.252

duplex full

speed 100

media-type rj45

interface Virtual-Template10

mtu 1492

ip unnumbered GigabitEthernet0/1

no peer default ip address

ppp authentication chap

ip classless

ip route 0.0.0.0 0.0.0.0 10.72.207.246

no ip http server

ip pim bidir-enable

snmp-server community xxxxx RO

snmp-server community xxxxx RW

radius-server host 10.72.254.125 auth-port 1645 acct-port 1646 key cisco

radius-server host 10.72.253.7 auth-port 1645 acct-port 1646 key cisco

radius-server retransmit 3

call rsvp-sync

mgcp profile default

dial-peer cor custom

gatekeeper

shutdown

line con 0

line aux 0

line vty 0 4

password xxxxx

end

[page]

注：在用ACS SERVER认证PPPOE配置中有以下特点:

1、做了两台AAA　SERVER服务器，用户如果从主的服务器上不法认证，就会到时从的服务器上进行认证。

案例介绍：使用ACS SERVER认证PPPOE配置

业界热点: