华为模拟PPPoE连网配置方法
华为模拟PPPoE连网配置方法Gateway配置gateway 私网部分<Huawei>system-viewsysnamegatewaydhcpenable//全局开启DHCP服务gateway192.168.1.1//配置网关network192.168.1.0 mask 24//配置子网段excluded-ip-address192.168.1.200 192.168.1.254//配置不参与地址池IPleaseday 0 hour 12 minute 0//配置租约dns-list114.114.114.114 8.8.8.8//配置DNS displaythisquitinterfaceGigabitEthernet 0/0/1dhcpselect global //接口DHCP选择全局quitPPPoE server创建环回口和PPPOE服务端的地址池<Huawei>system-viewsysnameserverinterfaceloopback 0ipaddress100.100.100.100 32quitippool zurkj//创建名为zurkj的地址池gateway-list200.1.1.1//配置网关地址network200.1.1.0 mask 29//配置网段 掩码为29位dns-list114.114.114.114 8.8.8.8//配置DNSdisplaythisquit创建虚拟模板接口interfaceVirtual-Template 1//创建虚拟接口模板 编号为1pppauthentication-mode pap//PPP认证模式PAPipaddress 200.1.1.1 29remoteaddress pool zurkj//远程地址池引用zurkj(给对端分配地址)quit物理接口绑定虚拟模板interfaceGigabitEthernet 0/0/0pppoe-serverbind virtual-template 1//PPPOE服务绑定虚拟模板1quit配置认证aaa //进入AAAlocal-userad123456 password cipher admin1234//创建本地用户ad123456密码admin1234local-userad123456 service-type ppp//本地用户服务类型PPPlocal-userad654321 password cipher admin1234local-userad654321 service-type pppquit Gateway配置拨号规则dialer-rule//创建拨号规则dialer-rule1 ip permit//拨号规则1 允许IP触发(只要有IP流量就可以拨号)quitPPP配置interfaceDialer 1//创建一个拨号接口 号为1dialeruser zurkj//拨号用户zurkj(注意此用户非ISP拨号用户)dialer-group1//拨号组 编号1dialerbundle 1//拨号绑定 1ppppap local-user ad123456 password simple admin1234//配置PPP拨号用户名和密码ipaddress ppp-negotiate//配置IP地址为PPP协商#interfaceDialer1 link-protocol ppp ppp pap local-user ad123456 password simpleadmin1234 ip address ppp-negotiate dialer user zurkj dialer bundle 1 dialer-group 1#Returnquit
配置物理接口调用dialer规则interfaceGigabitEthernet 0/0/0pppoe-clientdial-bundle-number 1//PPPOE客户端 拨号规则绑定到前面创建的编号1quitdisplayip interface brief*down:administratively down^down:standby(l):loopback(s):spoofingThe numberof interface that is UP in Physical is 4The numberof interface that is DOWN in Physical is 1The numberof interface that is UP in Protocol is 3The numberof interface that is DOWN in Protocol is 2 Interface IP Address/Mask Physical Protocol Dialer1 200.1.1.6/32 up up(s) //这是PPP协商获取到的ISP地址GigabitEthernet0/0/0 unassigned up down GigabitEthernet0/0/1 192.168.1.1/24 up up GigabitEthernet0/0/2 unassigned down down NULL0 unassigned up up(s)
配置默认路由iproute-static 0.0.0.0 0 Dialer 1//默认路由下一跳指向拨号接口另一种方案undoip route-static all//取消默认路由interfaceDialer 1//进入创建好的dialer 1接口pppipcp default-route//PPP协商一条默认路由displaythis #interfaceDialer1 link-protocol ppp ppp ipcp default-route ppp pap local-user ad123456 password simpleadmin1234 ip address ppp-negotiate dialer user zurkj dialer bundle 1 dialer-group 1#Return
重启端口,让PPP重新协商interfaceGigabitEthernet 0/0/0shutdownundoshutdownquitdisplayip routing-table(同样获取一条默认路由)
ping100.100.100.100 (ping server的环回口地址)PING 200.2.2.2: 56data bytes, press CTRL_C to break Reply from 100.100.100.100: bytes=56Sequence=1 ttl=255 time=40 ms Reply from 100.100.100.100: bytes=56Sequence=2 ttl=255 time=20 ms Reply from 100.100.100.100: bytes=56Sequence=3 ttl=255 time=20 ms Reply from 100.100.100.100: bytes=56Sequence=4 ttl=255 time=20 ms Reply from 100.100.100.100: bytes=56Sequence=5 ttl=255 time=20 ms--- 100.100.100.100 ping statistics --- 5 packet(s) transmitted 5 packet(s) received 0.00% packet lossround-trip min/avg/max = 20/24/40 ms
PC下发完地址Ping 100.100.100.100 发现失败PC>ping100.100.100.100Ping 100.100.100.100:32 data bytes, Press Ctrl_C to breakRequesttimeout!Requesttimeout!Requesttimeout!Requesttimeout!Requesttimeout!--- 100.100.100.100ping statistics ---5 packet(s) transmitted0 packet(s) received100.00% packet loss
Gateway需要配置nat转换后再次进行访问公网acl2000//创建标准访问控制列表rulepermit source any//配置规则允许所有IP源访问quitinterfaceDialer 1//进入拨号接口 2natoutbound 2000//配置出口调用ACL2000进行NAT转换(注意要配置在IP层面,不要配置到物理端口上去)
下面优化对于PPPOE拨号经常容易遇到的一个问题,就是有时候打开一些网页会显示打不开,或者图片不显示的问题。这个的话可以通过把MTU与TCP的MSS修改下就可以了。
建议的话,MTU在1492即可,因为PPPOE会多出8字节的头部,而MSS在1200~1452之间。mtu1492tcpadjust-mss 1452再次使用PC Ping 100.100.100.100PC>ping100.100.100.100Ping100.100.100.100: 32 data bytes, Press Ctrl_C to breakFrom100.100.100.100: bytes=32 seq=1 ttl=254 time=31 msFrom100.100.100.100: bytes=32 seq=2 ttl=254 time=16 msFrom100.100.100.100: bytes=32 seq=3 ttl=254 time=31 msFrom100.100.100.100: bytes=32 seq=4 ttl=254 time=16 msFrom100.100.100.100: bytes=32 seq=5 ttl=254 time=15 ms---100.100.100.100 ping statistics ---5 packet(s) transmitted5 packet(s) received0.00% packet lossround-trip min/avg/max = 15/21/31 ms
页:
[1]
