I've done a load of Cisco 877 configurations in the past on ADSL lines and wondered how all of the virtual template stuff works so here's a lesson as to how to configure PPPoE Server and Client with the Server providing the Client with an IP address using DHCP.
We will also get the Server to authenticate the Client using CHAP and the Server will rate-limit the Client to a maximum of 10 sessions per minute over a period of 5 minutes.
Let's start with the Client as it is the least amount of work.
Client Tasks
1. Configure a Dialer interface
a. It should receive the IP address from the Server
b. Have PPP configured
c. Be part of a Dialer Pool
d. Set the CHAP hostname
e. Set the CHAP password
interface Dialer1
ip address dhcp
encapsulation ppp
dialer pool 1
ppp chap hostname Router1
ppp chap password cisco
2. Tie the Dialer to a physical interface
a. Remove any IP address from the interface
b. Enable PPPoE
c. Configure PPPoE to match the Dialer Pool
interface FastEthernet0/1
no ip address
pppoe enable
pppoe-client dial-pool-number 1
Server Tasks
1. Configure a Virtual Template interface
a. Apply an IP address
b. Apply PPP encapsulation
c. Enable CHAP authentication
interface Virtual-Template1
ip address 192.168.1.1 255.255.255.0
encapsulation ppp
ppp authentication chap
2. Create a Broadband Aggregation Group
a. Give the group a name
b. Tie the Virtual-Template to the group
c. Throttle the client to 10 sessions per minute over a period of 5 minutes.
bba-group pppoe MY_BBA_GROUP
virtual-template 1
sessions per-mac throttle 10 60 300
3. Configure the physical interface connected to the client
a. Tie the physical interface to the BBA group
interface FastEthernet0/1
pppoe enable group MY_BBA_GROUP
4. Create a DHCP pool for the client
a. Exclude the IP address assigned to the Virtual Template interface
ip dhcp excluded-address 192.168.1.1
ip dhcp pool MY_PPPoE_POOL
network 192.168.1.0
5. Create a username/password pair for Router1 for authentication
username Router1 password cisco
That's it. It takes a little while for it to kick in but worth trying to lab.
Cheers,
Chris
Hi Chris,
ReplyDeleteYou mention the server rate-limits the client to so many sessions in a defined period. I have a situation with 877s on unreliable lines, I regularly see a fault where the ADSL line is in sync but the 877 has failed to negotiate a ppp session with the server. If the ADSL is flapping would it result in this kind of fault?