First of all, may I welcome you to my site. My name is Chris and I'm from the UK and work as a Systems Engineer for Cisco. This blog was initially created to post up my subnetting technique but has now got more stuff to do with attaining Cisco certifications. Either way I really hope that the content is sufficent for your needs and I look forward to hearing your feedback. If you find that the content really helps you please feel free to donate using the PayPal link on the right.

To view the index of all my articles please click here.

PPPoE Server and Client

I've done a load of Cisco 877 configurations in the past on ADSL lines and wondered how all of the virtual template stuff works so here's a lesson as to how to configure PPPoE Server and Client with the Server providing the Client with an IP address using DHCP.

We will also get the Server to authenticate the Client using CHAP and the Server will rate-limit the Client to a maximum of 10 sessions per minute over a period of 5 minutes.

Let's start with the Client as it is the least amount of work.

Client Tasks

1. Configure a Dialer interface
a. It should receive the IP address from the Server
b. Have PPP configured
c. Be part of a Dialer Pool
d. Set the CHAP hostname
e. Set the CHAP password

interface Dialer1
ip address dhcp
encapsulation ppp
dialer pool 1
ppp chap hostname Router1
ppp chap password cisco

2. Tie the Dialer to a physical interface
a. Remove any IP address from the interface
b. Enable PPPoE
c. Configure PPPoE to match the Dialer Pool

interface FastEthernet0/1
no ip address
pppoe enable
pppoe-client dial-pool-number 1

Server Tasks

1. Configure a Virtual Template interface
a. Apply an IP address
b. Apply PPP encapsulation
c. Enable CHAP authentication

interface Virtual-Template1
ip address
encapsulation ppp
ppp authentication chap

2. Create a Broadband Aggregation Group
a. Give the group a name
b. Tie the Virtual-Template to the group
c. Throttle the client to 10 sessions per minute over a period of 5 minutes.

bba-group pppoe MY_BBA_GROUP
virtual-template 1
sessions per-mac throttle 10 60 300

3. Configure the physical interface connected to the client
a. Tie the physical interface to the BBA group

interface FastEthernet0/1
pppoe enable group MY_BBA_GROUP

4. Create a DHCP pool for the client
a. Exclude the IP address assigned to the Virtual Template interface

ip dhcp excluded-address
ip dhcp pool MY_PPPoE_POOL

5. Create a username/password pair for Router1 for authentication

username Router1 password cisco

That's it. It takes a little while for it to kick in but worth trying to lab.



Posted byChris Bloomfield at 14:34  


Nick B. said... 20 October 2011 at 19:41  

Hi Chris,

You mention the server rate-limits the client to so many sessions in a defined period. I have a situation with 877s on unreliable lines, I regularly see a fault where the ADSL line is in sync but the 877 has failed to negotiate a ppp session with the server. If the ADSL is flapping would it result in this kind of fault?

Post a Comment