拓撲很簡單:Router ——Switch——client PC
配置主要分為以下幾個方面:
1.配置內部接口G0/1
interface GigabitEthernet0/1
ip address 192.168.0.1 255.255.255.0 //設置接口內部IP地址
ip nat inside //確認inside 接口
no shutdown //開啟端口
2.配置DHCP服務
ip dhcp excluded-address 192.168.0.1 //設置保留不分配內部地址
ip dhcp pool client //配置DHCP地址池client
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1 //配置客戶端PC獲取路由
dns-server 192.168.0.1 //配置內部網絡DNS
3.配置DNS服務
ip dns server //啟用Router路由功能
ip domain-lookup //禁止域名解析
ip name-server 221.228.255.1 218.2.135.1 //指定首選和備用DNS(各地有差異,請選擇速度較快的)
4.配置外部接口G0/0
interface GigabitEthernet0/0
pppoe enable group global //開啟外部接口pppoe功能,允許接口運行ppoe
pppoe-client dial-pool-number 2 //將以太網接口的pppoe撥號客戶端加入撥號地址池2,即需要完成物理接口和邏輯地址池dial-pool-number 2之間的綁定
5.配置邏輯接口
interface Dialer1 //進入邏輯接口
ip address negotiated //與Adsl服務商動態協商獲取IP地址
ip mtu 1492 //定義幀數,因為PPP封裝的原因,ip mtu要做相應調整
ip nat outside //確認outside接口
encapsulation ppp //封裝ppp協議
ip tcp adjust-mss 1452 // 命令調整 TCP SYN 數據包的 MSS(最大數據段大小)
dialer pool 2 //該接口使用撥號地址池2進行撥號
ppp authentication chap callin //將認證模式設置為chap
ppp chap hostname XXX //設置chap用戶名(一般為11位的賬戶名)
ppp chap password XXX //設置chap密碼
ppp pap sent-username XXX password XXX //撥號使用pap或者chap需依據服務商配置
ppp ipcp dns request //動態獲取dns
6.配置NAT服務
access-list 1 permit 192.168.0.0 0.0.0.255
ip nat inside source list 1 interface Dialer1 overload
7.配置Router
ip route 0.0.0.0 0.0.0.0 Dialer1
PS:
1.cisco對於pppoe的設置采用的是BBA-group,而不是VPDN-group
所以沒有辦法在vpdn enable下面啟用protocol pppoe
2.對於cisco設備客戶端而言也就不需要去設置vpdn enable,即不需要配置VPDN服務
3.排錯命令:debug pppoe events
================================================================================================
Router#show run
Building configuration...
Current configuration : 2093 bytes
!
! Last configuration change at 07:12:16 UTC Wed Aug 8 2018
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
ip cef
!
!
!
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool client
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 114.114.114.114
!
!
!
ip name-server 221.228.255.1
ip name-server 218.2.135.1
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
license udi pid CISCO2951/K9 sn FTX1746AHG7
hw-module pvdm 0/0
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
duplex full
speed auto
pppoe enable group global
pppoe-client dial-pool-number 2
!
interface GigabitEthernet0/1
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
ip address dhcp
duplex auto
speed auto
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in //ip虛擬分片重組
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 2
ppp authentication chap callin
ppp chap hostname 11122233344
ppp chap password 0 1234
ppp pap sent-username 11122233344 password 0 123412
ppp ipcp dns request
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 1 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 1 permit 192.168.0.0 0.0.0.255
!
nls resp-timeout 1
cpd cr-id 1
!
!
control-plane
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
!
mgcp profile default
!
!
gatekeeper
shutdown
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
!
end