Point to Point sobre Ethernet (PPPoE) Cisco utilizando el emulador EVE-NG.
El PPP (Protocolo punto a punto) fue utilizado originalmente en las interfaces seriales para las interfaces point-to-point, también ha sido utilizado para las conexiones de acceso telefónico a Internet. PPP tiene la capacidad de asignar direcciones IP a los extremos remotos de un enlace PPP.
Alrededor del año 2000, aparece DSL y conexiones a Internet por cable y los ISP querían seguir usando PPP. Como los enlaces Ethernet no admiten PPP de forma nativa, se creó PPPoE (PPP por Ethernet) que permite el envío de tramas encapsuladas dentro de tramas de Ethernet.
PPP admite autenticación CHAP. Los ISP lo prefieren ya que durante la autenticación revisan los registros contables para determinar si el cliente está al día con el pago, antes de permitirle conectarse a Internet.
El PPPoE requiere un grupo BBA - BroadBand Access, (acceso de banda ancha), que se utiliza para establecer las sesiones PPPoE. Puede crear varios grupos BBA o utilizar el grupo BBA global:
Escenario:
Configurar el servidor PPPoE:
1. Cambiar hostname del servidor PPPoE a pppoe-server.
2. Crear un grupo pppoe que llamaremos global.
3. Definir la interfaz que utilizará el grupo creado en el paso anterior (virtual-Template 1).
4. Asignar una dirección IP a la interfaz virtual.
5. Modificar el valor del mtu a 1492
6. Definir un nombre, (pppoe-pool), para el pool de direcciones ip
7. Autenticación
Router(config)#hostname pppoe-server
pppoe-server(config)#bba-group pppoe global
pppoe-server(config-bba-group)#
*Dec 10 17:06:28.475: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
*Dec 10 17:06:29.483: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up
pppoe-server(config-bba-group)#virtual-template 1
pppoe-server(config-bba-group)#exit
pppoe-server(config)#interface virtual-Template 1
pppoe-server(config-if)#ip address 10.1.1.1 255.255.255.0
pppoe-server(config-if)#mtu 1492
pppoe-server(config-if)#peer default ip address pool pppoe-pool
pppoe-server(config-if)#ppp authentication chap callin
pppoe-server(config-if)#exit
pppoe-server(config)#ip local pool pppoe-pool 10.1.1.250 10.1.1.254
pppoe-server(config)#username cliente1 password dnicliente1
pppoe-server(config)#username cliente2 password dnicliente2
pppoe-server(config)#int e0/0
pppoe-server(config-if)#pppoe enable group global
pppoe-server(config-if)#no shut
pppoe-server(config-if)#
*Dec 10 17:10:51.655: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
*Dec 10 17:10:52.659: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
pppoe-server(config-if)#exit
pppoe-server(config)#exit
pppoe-server#db
*Dec 10 17:11:03.439: %SYS-5-CONFIG_I: Configured from console by console
pppoe-server#debug ppp authentication
PPP authentication debugging is on
pppoe-server#write
Building configuration...
[OK]
pppoe-server#
Configurar los clientes PPPoE
CLIENTE 1:
Router(config)#hostname cliente1
cliente1(config)#int dialer 1
cliente1(config-if)#mtu 1492
cliente1(config-if)#encapsulation ppp
cliente1(config-if)#ip address negotiated
cliente1(config-if)#ppp chap hostname cliente1
cliente1(config-if)#ppp chap password dnicliente1
cliente1(config-if)#dialer pool 1
cliente1(config-if)#exit
cliente1(config)#inter e0/0
cliente1(config-if)#do debug ppp authe
PPP authentication debugging is on
cliente1(config-if)#no shut
*Dec 10 17:18:11.679: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
*Dec 10 17:18:12.683: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to upl
cliente1(config-if)#pppoe-client dial-pool-number 1
cliente1(config-if)#
*Dec 10 17:18:25.031: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Dec 10 17:18:25.035: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
cliente1(config-if)#
*Dec 10 17:18:25.039: Vi1 PPP: Using dialer call direction
*Dec 10 17:18:25.039: Vi1 PPP: Treating connection as a callout
*Dec 10 17:18:25.039: Vi1 PPP: Session handle[7000001] Session id[1]
*Dec 10 17:18:25.063: Vi1 CHAP: I CHALLENGE id 1 len 33 from "pppoe-server"
*Dec 10 17:18:25.063: Vi1 PPP: Sent CHAP SENDAUTH Request
*Dec 10 17:18:25.063: Vi1 PPP: Received SENDAUTH Response FAIL
*Dec 10 17:18:25.063: Vi1 CHAP: Using hostname from interface CHAP
*Dec 10 17:18:25.063: Vi1 CHAP: Using password from interface CHAP
*Dec 10 17:18:25.063: Vi1 CHAP: O RESPONSE id 1 len 29 from "cliente1"
*Dec 10 17:18:25.079: Vi1 CHAP: I SUCCESS id 1 len 4
cliente1(config-if)#
*Dec 10 17:18:26.087: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up
cliente1(config-if)#
pppoe-server#
*Dec 10 17:18:24.283: ppp1 PPP: Using vpn set call direction
*Dec 10 17:18:24.283: ppp1 PPP: Treating connection as a callin
*Dec 10 17:18:24.283: ppp1 PPP: Session handle[CE000001] Session id[1]
*Dec 10 17:18:24.315: ppp1 CHAP: O CHALLENGE id 1 len 33 from "pppoe-server"
*Dec 10 17:18:24.319: ppp1 CHAP: I RESPONSE id 1 len 29 from "cliente1"
*Dec 10 17:18:24.319: ppp1 PPP: Sent CHAP LOGIN Request
*Dec 10 17:18:24.319: ppp1 PPP: Received LOGIN Response PASS
*Dec 10 17:18:24.335: Vi1.1 CHAP: O SUCCESS id 1 len 4
cliente1(config-if)#do sh ip inter brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Dialer1 10.1.1.250 YES IPCP up up
cliente1(config-if)#
pppoe-server#sh pppoe session
1 session in LOCALLY_TERMINATED (PTA) State
1 session total
Uniq ID PPPoE RemMAC Port VT VA State
SID LocMAC VA-st Type
1 1 aabb.cc00.2000 Et0/0 1 Vi1.1 PTA
aabb.cc00.1000 UP
ppoe-server#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Virtual-Access1.1 10.1.1.1 YES manual up up
Virtual-Template1 10.1.1.1 YES manual down down
Virtual-Access2 unassigned YES unset down down
pppoe-server#
cliente1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
cliente1#
CLIENTE 2:
Router(config)#hostname cliente2
cliente2(config)#inter dialer 1
cliente2(config-if)#mtu 1492
cliente2(config-if)#encapsulation ppp
cliente2(config-if)#ip address negotiated
cliente2(config-if)#ppp chap hostname cliente2
cliente2(config-if)#ppp chap password dnicliente2
cliente2(config-if)#dialer pool 1
cliente2(config-if)#int e0/0
cliente2(config-if)#do debug ppp authe
PPP authentication debugging is on
cliente2(config-if)#no shut
cliente2(config-if)#
*Dec 10 17:39:13.059: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
*Dec 10 17:39:14.063: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
cliente2(config-if)#pppoe-client dial-pool-number 1
cliente2(config-if)#
*Dec 10 17:40:29.879: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Dec 10 17:40:29.887: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
cliente2(config-if)#
*Dec 10 17:40:29.887: Vi1 PPP: Using dialer call direction
*Dec 10 17:40:29.887: Vi1 PPP: Treating connection as a callout
*Dec 10 17:40:29.887: Vi1 PPP: Session handle[A3000001] Session id[1]
*Dec 10 17:40:29.927: Vi1 CHAP: I CHALLENGE id 1 len 33 from "pppoe-server"
*Dec 10 17:40:29.927: Vi1 PPP: Sent CHAP SENDAUTH Request
*Dec 10 17:40:29.927: Vi1 PPP: Received SENDAUTH Response FAIL
*Dec 10 17:40:29.927: Vi1 CHAP: Using hostname from interface CHAP
*Dec 10 17:40:29.927: Vi1 CHAP: Using password from interface CHAP
*Dec 10 17:40:29.927: Vi1 CHAP: O RESPONSE id 1 len 29 from "cliente2"
*Dec 10 17:40:29.943: Vi1 CHAP: I SUCCESS id 1 len 4
cliente2(config-if)#
*Dec 10 17:40:30.943: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up
cliente2(config-if)#do wri
Building configuration...
[OK]
cliente2(config)#end
*Dec 10 17:41:32.227: %SYS-5-CONFIG_I: Configured from console by console
cliente2#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Dialer1 10.1.1.251 YES IPCP up up
cliente2#
pppoe-server#
Dec 10 17:40:29.711: ppp2 PPP: Using vpn set call direction
*Dec 10 17:40:29.711: ppp2 PPP: Treating connection as a callin
*Dec 10 17:40:29.711: ppp2 PPP: Session handle[39000002] Session id[2]
*Dec 10 17:40:29.755: ppp2 CHAP: O CHALLENGE id 1 len 33 from "pppoe-server"
*Dec 10 17:40:29.759: ppp2 CHAP: I RESPONSE id 1 len 29 from "cliente2"
*Dec 10 17:40:29.759: ppp2 PPP: Sent CHAP LOGIN Request
*Dec 10 17:40:29.759: ppp2 PPP: Received LOGIN Response PASS
*Dec 10 17:40:29.775: Vi1.2 CHAP: O SUCCESS id 1 len 4
pppoe-server#
cliente1#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Dialer1 10.1.1.250 YES IPCP up up
cliente2#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Dialer1 10.1.1.251 YES IPCP up up
cliente2#
cliente2#sh interfaces virtual-access 1
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1492 bytes, BW 56 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Stopped: CDPCP
Open: IPCP
PPPoE vaccess, cloned from Dialer1
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 5 seconds on reset
Interface is bound to Di1 (Encapsulation PPP)
Last input 00:00:07, output never, output hang never
Last clearing of "show interface" counters 00:07:18
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
94 packets input, 1330 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
93 packets output, 1314 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
cliente2#
cliente2#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
cliente2#
CLIENTE 3:
Router>
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname cliente3
cliente3(config)#interface dialer 1
cliente3(config-if)#mtu 1492
cliente3(config-if)#encapsulation ppp
cliente3(config-if)#ip address negotiated
cliente3(config-if)#ppp chap hostname cliente3
cliente3(config-if)#ppp chap password dnicliente3
cliente3(config-if)#dialer pool 1
cliente3(config-if)#int e0/0
cliente3(config-if)#do debug ppp authe
PPP authentication debugging is on
cliente3(config-if)#no shut
cliente3(config-if)#
*Dec 11 13:05:22.615: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up
cliente3(config-if)#
*Dec 11 13:05:23.619: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up
cliente3(config-if)#pppoe-client dial
cliente3(config-if)#pppoe-client dial-pool-number 1
cliente3(config-if)#end
cliente3#write
*Dec 11 13:05:36.711: %SYS-5-CONFIG_I: Configured from console by console
*Dec 11 13:05:37.687: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Dec 11 13:05:37.691: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
cliente3#write
Building configuration...
[OK]
cliente3#
*Dec 11 13:05:37.691: Vi1 PPP: Using dialer call direction
*Dec 11 13:05:37.691: Vi1 PPP: Treating connection as a callout
*Dec 11 13:05:37.691: Vi1 PPP: Session handle[ED000001] Session id[1]
*Dec 11 13:05:37.719: Vi1 CHAP: I CHALLENGE id 1 len 33 from "pppoe-server"
*Dec 11 13:05:37.719: Vi1 PPP: Sent CHAP SENDAUTH Request
*Dec 11 13:05:37.719: Vi1 PPP: Received SENDAUTH Response FAIL
*Dec 11 13:05:37.719: Vi1 CHAP: Using hostname from interface CHAP
*Dec 11 13:05:37.719: Vi1 CHAP: Using password from interface CHAP
*Dec 11 13:05:37.719: Vi1 CHAP: O RESPONSE id 1 len 29 from "cliente3"
*Dec 11 13:05:37.735: Vi1 CHAP: I SUCCESS id 1 len 4
cliente3#
*Dec 11 13:05:38.735: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up
cliente3#
pppoe-server#
*Dec 11 13:05:37.935: ppp3 PPP: Using vpn set call direction
*Dec 11 13:05:37.935: ppp3 PPP: Treating connection as a callin
*Dec 11 13:05:37.935: ppp3 PPP: Session handle[D3000003] Session id[3]
*Dec 11 13:05:37.971: ppp3 CHAP: O CHALLENGE id 1 len 33 from "pppoe-server"
*Dec 11 13:05:37.971: ppp3 CHAP: I RESPONSE id 1 len 29 from "cliente3"
*Dec 11 13:05:37.971: ppp3 PPP: Sent CHAP LOGIN Request
*Dec 11 13:05:37.971: ppp3 PPP: Received LOGIN Response PASS
*Dec 11 13:05:37.987: Vi1.3 CHAP: O SUCCESS id 1 len 4
pppoe-server#
cliente3#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Dialer1 10.1.1.252 YES IPCP up up
cliente3#
cliente3#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
cliente3#
pppoe-server#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset up up
Ethernet0/1 unassigned YES unset administratively down down
Ethernet0/2 unassigned YES unset administratively down down
Ethernet0/3 unassigned YES unset administratively down down
Virtual-Access1 unassigned YES unset up up
Virtual-Access1.1 10.1.1.1 YES manual up up
Virtual-Access1.2 10.1.1.1 YES manual up up
Virtual-Access1.3 10.1.1.1 YES manual up up
Virtual-Template1 10.1.1.1 YES manual down down
Virtual-Access2 unassigned YES unset down down
pppoe-server#
Mikrotik es genial!.
No hay comentarios:
Publicar un comentario