lost and found ( for me ? )

Cisco IOS version 15 : PPPoE setting ( source NAT )

Here's an explanation of setting up PPPoE on Cisco IOS ver 15.

[ Network Topology ]


[ configuration ]

R1 ( PPPoE Client Router )

PPPoE-Client#sh ver
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Thu 28-Oct-10 22:27 by prod_rel_team

ROM: ROMMON Emulation Microcode
BOOTLDR: 7200 Software (C7200-ADVENTERPRISEK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)

PPPoE-Client#show running-config
Building configuration...

Current configuration : 1859 bytes
!
! Last configuration change at 01:06:59 UTC Fri Apr 15 2011
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PPPoE-Client
!
boot-start-marker
boot-end-marker
!
enable password hello
!
no aaa new-model
!
!
!
ip source-route
ip cef
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
!
interface Ethernet1/0
description WAN
no ip address
duplex half
pppoe enable group global
pppoe-client dial-pool-number 1
!
!
interface Ethernet1/1
description LAN
ip address 10.0.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1414
duplex half
!
!
interface Ethernet1/2
no ip address
shutdown
duplex half
!
!
interface Ethernet1/3
no ip address
shutdown
duplex half
!
!
interface Ethernet1/4
no ip address
shutdown
duplex half
!
!
interface Ethernet1/5
no ip address
shutdown
duplex half
!
!
interface Ethernet1/6
no ip address
shutdown
duplex half
!
!
interface Ethernet1/7
no ip address
shutdown
duplex half
!
!
interface Dialer1
ip address negotiated
ip mtu 1454
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname cisco
ppp chap password 0 cisco
!
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 101 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 101 permit ip 10.0.0.0 0.255.255.255 any
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0
password hello
login
line vty 1 4
login
!
end

PPPoE-Client#  



R3 ( PPPoE Server Router )
PPPoE-Server#sh ver
Cisco IOS Software, 3600 Software (C3640-JK9S-M), Version 12.4(13a), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Tue 06-Mar-07 20:25 by prod_rel_team

ROM: ROMMON Emulation Microcode
ROM: 3600 Software (C3640-JK9S-M), Version 12.4(13a), RELEASE SOFTWARE (fc1)



PPPoE-Server#sh running-config
Building configuration...

Current configuration : 1124 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PPPoE-Server
!
boot-start-marker
boot-end-marker
!
enable password hello
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
ip domain name domain
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username cisco password 0 cisco
!
!
!
!
!
!
bba-group pppoe global
virtual-template 1
!
bba-group pppoe test
virtual-template 1
!
!
interface Ethernet0/0
description WAN
no ip address
half-duplex
pppoe enable group test
!
interface Ethernet0/1
description LAN
ip address 20.0.0.254 255.255.255.0
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Virtual-Template1
mtu 1454
ip address 10.0.0.1 255.255.255.0
peer default ip address pool test1
ppp authentication chap
!
ip local pool test1 10.0.0.200 10.0.0.254
ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0
password hello
login
line vty 1 4
login
!
!
end

PPPoE-Server#  



[ R1 n’ R3 logs ]

R1 ( PPPoE Client )
PPPoE-Client#sh pppoe session
    1 client session

Uniq ID  PPPoE  RemMAC          Port                    VT  VA         State
          SID  LocMAC                                      VA-st      Type
   N/A     39  cc02.124b.0000  Et1/0                  Di1  Vi2        UP      
               ca00.124b.001c                              UP              
PPPoE-Client#

PPPoE-Client#sh logging
*Apr 15 01:38:51.527: %DIALER-6-BIND: Interface Vi2 bound to profile Di1
*Apr 15 01:38:51.531: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
*Apr 15 01:38:53.647: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up


R3 ( PPPoE Server )
PPPoE-Server#sh pppoe session
    1 session  in LOCALLY_TERMINATED (PTA) State
    1 session  total

Uniq ID  PPPoE  RemMAC          Port                    VT  VA         State
          SID  LocMAC                                      VA-st
    41     40  ca00.124b.001c  Et0/0                    1  Vi1.1      PTA  
               cc02.124b.0000                              UP         


[ confirm source IP of ubuntu-1 is NATed from 10.0.0.100 to 10.0.0.254 when accessing to ubuntu-2 ]

ubuntu-1 : 10.0.0.100
R1 :10.0.0.254
ubuntu-2 : 20.0.0.100

root@ubuntu-1:~# ifconfig eth0 | egrep "inet addr"
         inet addr:10.0.0.100  Bcast:10.0.0.255  Mask:255.255.255.0
root@ubuntu-2:~# ifconfig eth0 | egrep -i "inet addr"
         inet addr:20.0.0.100  Bcast:20.0.0.255  Mask:255.255.255.0

ping to ubuntu-2 on ubuntu-1 n’ capture ping traffics on ubuntu-2

ping succeed n’ source IP of ubuntu-1 is NATed
root@ubuntu-1:~# ping 20.0.0.100 -c 1
PING 20.0.0.100 (20.0.0.100) 56(84) bytes of data.
64 bytes from 20.0.0.100: icmp_seq=1 ttl=62 time=16.4 ms

--- 20.0.0.100 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 16.445/16.445/16.445/0.000 ms

root@ubuntu-2:~# tshark -i eth0 icmp
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0
 0.000000   10.0.0.254 -> 20.0.0.100   ICMP Echo (ping) request
 0.000097   20.0.0.100 -> 10.0.0.254   ICMP Echo (ping) reply

Thx for reading :)

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.