|
华为模拟PPPoE连网配置方法
Gateway 配置gateway 私网部分 <Huawei>system-view [Huawei]sysnamegateway [gateway]dhcpenable //全局开启DHCP服务 [gateway-ip-pool-1]gateway192.168.1.1 //配置网关 [gateway-ip-pool-1]network192.168.1.0 mask 24 //配置子网段 [gateway-ip-pool-1]excluded-ip-address192.168.1.200 192.168.1.254 //配置不参与地址池IP [gateway-ip-pool-1]leaseday 0 hour 12 minute 0 //配置租约 [gateway-ip-pool-1]dns-list114.114.114.114 8.8.8.8 //配置DNS [gateway-ip-pool-1]displaythis [gateway-ip-pool-1]quit [gateway]interfaceGigabitEthernet 0/0/1 [gateway-GigabitEthernet0/0/1]dhcpselect global //接口DHCP选择全局 [gateway-GigabitEthernet0/0/1]quit
PPPoE server 创建环回口和PPPOE服务端的地址池 <Huawei>system-view [Huawei]sysnameserver [server]interfaceloopback 0 [server-LoopBack0]ipaddress100.100.100.100 32 [server-LoopBack0]quit [server]ippool zurkj //创建名为zurkj的地址池 [server-ip-pool-zurkj]gateway-list200.1.1.1 //配置网关地址 [server-ip-pool-zurkj]network200.1.1.0 mask 29 //配置网段 掩码为29位 [server-ip-pool-zurkj]dns-list114.114.114.114 8.8.8.8 //配置DNS [server-ip-pool-zurkj]displaythis [server-ip-pool-zurkj]quit 创建虚拟模板接口 [server]interfaceVirtual-Template 1 //创建虚拟接口模板 编号为1 [server-Virtual-Template1]pppauthentication-mode pap //PPP认证模式PAP [server-Virtual-Template1]ipaddress 200.1.1.1 29 [server-Virtual-Template1]remoteaddress pool zurkj //远程地址池引用zurkj(给对端分配地址) [server-Virtual-Template1]quit 物理接口绑定虚拟模板 [server]interfaceGigabitEthernet 0/0/0 [server-GigabitEthernet0/0/0]pppoe-serverbind virtual-template 1 //PPPOE服务绑定虚拟模板1 [server-GigabitEthernet0/0/0]quit 配置认证 [server]aaa //进入AAA [server-aaa]local-userad123456 password cipher admin1234 //创建本地用户ad123456密码admin1234 [server-aaa]local-userad123456 service-type ppp //本地用户服务类型PPP [server-aaa]local-userad654321 password cipher admin1234 [server-aaa]local-userad654321 service-type ppp [server-aaa]quit Gateway 配置拨号规则 [gateway]dialer-rule //创建拨号规则 [gateway-dialer-rule]dialer-rule1 ip permit //拨号规则1 允许IP触发(只要有IP流量就可以拨号) [gateway-dialer-rule]quit PPP配置 [gateway]interfaceDialer 1 //创建一个拨号接口 号为1 [gateway-Dialer1]dialeruser zurkj //拨号用户zurkj(注意此用户非ISP拨号用户) [gateway-Dialer1]dialer-group1 //拨号组 编号1 [gateway-Dialer1]dialerbundle 1 //拨号绑定 1 [gateway-Dialer1]ppppap local-user ad123456 password simple admin1234 //配置PPP拨号用户名和密码 [gateway-Dialer1]ipaddress ppp-negotiate //配置IP地址为PPP协商 [gateway-Dialer1displaythis [V200R003C00] # interfaceDialer1 link-protocol ppp ppp pap local-user ad123456 password simpleadmin1234 ip address ppp-negotiate dialer user zurkj dialer bundle 1 dialer-group 1 # Return [gateway-Dialer1]quit
配置物理接口调用dialer规则 [gateway]interfaceGigabitEthernet 0/0/0 [gateway-GigabitEthernet0/0/0]pppoe-clientdial-bundle-number 1 //PPPOE客户端 拨号规则绑定到前面创建的编号1 [gateway-GigabitEthernet0/0/0]quit [gateway]displayip interface brief *down:administratively down ^down:standby (l):loopback (s):spoofing The numberof interface that is UP in Physical is 4 The numberof interface that is DOWN in Physical is 1 The numberof interface that is UP in Protocol is 3 The numberof interface that is DOWN in Protocol is 2 Interface IP Address/Mask Physical Protocol Dialer1 200.1.1.6/32 up up(s) //这是PPP协商获取到的ISP地址 GigabitEthernet0/0/0 unassigned up down GigabitEthernet0/0/1 192.168.1.1/24 up up GigabitEthernet0/0/2 unassigned down down NULL0 unassigned up up(s)
配置默认路由 [gateway]iproute-static 0.0.0.0 0 Dialer 1 //默认路由下一跳指向拨号接口 另一种方案 [gateway]undoip route-static all //取消默认路由 [gateway]interfaceDialer 1 //进入创建好的dialer 1接口 [gateway-Dialer2]pppipcp default-route //PPP协商一条默认路由 [gateway-Dialer2]displaythis [V200R003C00] # interfaceDialer1 link-protocol ppp ppp ipcp default-route ppp pap local-user ad123456 password simpleadmin1234 ip address ppp-negotiate dialer user zurkj dialer bundle 1 dialer-group 1 # Return
重启端口,让PPP重新协商 [gateway]interfaceGigabitEthernet 0/0/0 [gateway-GigabitEthernet0/0/0]shutdown [gateway-GigabitEthernet0/0/0]undoshutdown [gateway-GigabitEthernet0/0/0]quit [gateway]displayip routing-table (同样获取一条默认路由)
[gateway]ping100.100.100.100 (ping server的环回口地址) PING 200.2.2.2: 56 data bytes, press CTRL_C to break Reply from 100.100.100.100: bytes=56Sequence=1 ttl=255 time=40 ms Reply from 100.100.100.100: bytes=56Sequence=2 ttl=255 time=20 ms Reply from 100.100.100.100: bytes=56Sequence=3 ttl=255 time=20 ms Reply from 100.100.100.100: bytes=56Sequence=4 ttl=255 time=20 ms Reply from 100.100.100.100: bytes=56Sequence=5 ttl=255 time=20 ms --- 100.100.100.100 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 20/24/40 ms
PC下发完地址Ping 100.100.100.100 发现失败 PC>ping100.100.100.100 Ping 100.100.100.100:32 data bytes, Press Ctrl_C to break Requesttimeout! Requesttimeout! Requesttimeout! Requesttimeout! Requesttimeout! --- 100.100.100.100ping statistics --- 5 packet(s) transmitted 0 packet(s) received 100.00% packet loss
Gateway需要配置nat转换后再次进行访问公网 [gateway]acl2000 //创建标准访问控制列表 [gateway-acl-basic-2000]rulepermit source any //配置规则允许所有IP源访问 [gateway-acl-basic-2000]quit [gateway]interfaceDialer 1 //进入拨号接口 2 [gateway-Dialer1]natoutbound 2000 //配置出口调用ACL2000进行NAT转换(注意要配置在IP层面,不要配置到物理端口上去)
下面优化 对于PPPOE拨号经常容易遇到的一个问题,就是有时候打开一些网页会显示打不开,或者图片不显示的问题。这个的话可以通过把MTU与TCP的MSS修改下就可以了。
建议的话,MTU在1492即可,因为PPPOE会多出8字节的头部,而MSS在1200~1452之间。 [gateway-Dialer1]mtu1492 [gateway-Dialer1]tcpadjust-mss 1452 再次使用PC Ping 100.100.100.100 PC>ping100.100.100.100 Ping100.100.100.100: 32 data bytes, Press Ctrl_C to break From100.100.100.100: bytes=32 seq=1 ttl=254 time=31 ms From100.100.100.100: bytes=32 seq=2 ttl=254 time=16 ms From100.100.100.100: bytes=32 seq=3 ttl=254 time=31 ms From100.100.100.100: bytes=32 seq=4 ttl=254 time=16 ms From100.100.100.100: bytes=32 seq=5 ttl=254 time=15 ms ---100.100.100.100 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet loss round-trip min/avg/max = 15/21/31 ms | 
|Archiver|手机版|小黑屋|祖瑞科技 全国计算机 网络IT运维社区!
( 沪ICP备16021636号-2 )
发表于 2021-2-5 17:59:10
