PPPoE на Cisco 871
- From
- Dmitriy Romanov (2:478/37.1)
- To
- Slawa Olhovchenkov (2:5054/37.63)
- Date
- 2009-07-17T08:58:04Z
- Area
- RU.CISCO
Привет Slawa!
Писал как-то Slawa Olhovchenkov к Dmitriy Romanov 16.07.2009 в 19:16:38,
а я смотрю и фигею
DR>>>> interface FastEthernet2
DR>>>> pppoe-client dial-pool-number 1
SO>>> а я глючу или у 871 Fa2 -- это порт свича?
DR>> Нет, не глючишь. оно так и есть.
DR>> Ну можно конечно сделать влан и его к нему привязать, но мне хоцца именно
DR>> вот так.
SO> перехочется
ладно, поправил на 4. все равно не пашет.
DR>> На влан он не дает сделать pppoe-client - говорит низзя.
SO> охренеть. а софт у тебя какой?
в смысле софт?
testrouter#sh ver
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Thu 14-Aug-08 07:43 by prod_rel_team
SO>>> в Fa4 конфигури.
DR>> А если я хочу именно на Fa2 ? Я хочу 4 оставить для других целей.
SO> перехоти. не бывает pppoe на L2 интерфейсах
Ну я попробовал. Все равно нивзлитело.
testrouter#sh run
Building configuration...
Current configuration : 4040 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname testrouter
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-3248528725
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3248528725
revocation-check none
rsakeypair TP-self-signed-3248528725
!
!
crypto pki certificate chain TP-self-signed-3248528725
certificate self-signed 01
30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33323438 35323837 3235301E 170D3032 30333031 32313134
33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32343835
32383732 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100DB89 77EF24E0 FF2CBF7B 49075F42 9CBF4DCC 5F9226F7 F056E410 0D0CF573
07E34B19 66AF6A79 D61ABF8D 2C285E5C BA3DC39E 32D932FA A8AA8A31 CB5CCEAD
CB4083AC 8D4A84DA 426271C5 03C60AFA D387B2B3 99D014B4 338741B3 29991771
6072124A 3FE6BB37 A07212EE BB5DDE16 DDAD0361 35E96C55 8C700016 7A5481DF
55830203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
551D1104 1D301B82 19746573 74726F75 7465722E 796F7572 646F6D61 696E2E63
6F6D301F 0603551D 23041830 16801468 AD3FE74E FC3C954E 2C54B8EC 1A2FA13C
5DC9A530 1D060355 1D0E0416 041468AD 3FE74EFC 3C954E2C 54B8EC1A 2FA13C5D
C9A5300D 06092A86 4886F70D 01010405 00038181 00A15329 BDDE49C6 2B142DF2
B1B21F83 AA15309B 0DFF3B7C F8A83183 3350357A 3E4C839A FEB16101 1ABA7DC1
16834F8D D0290673 ADA74E27 BA0C53DA 509303FD DA4F583C DA172B90 FE9DB10B
D6499E9B E199A6B8 E3006DF2 8CE2261F 9906D54B 99F37674 A28AAEBC BD2781D1
3E80A077 ABEEA29F 6C21C368 B4456402 24A6EAA8 4C
quit
dot11 syslog
ip cef
!
!
!
!
no ip domain lookup
ip domain name yourdomain.com
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group 1
request-dialin
protocol pppoe
!
!
!
username admin privilege 15 secret 5 $1$KXF/$cSn8acXDeFwhppur.0fZZ1
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
lifetime 3600
crypto isakmp key testpass address 192.168.250.3
!
!
crypto ipsec transform-set TestTransformSet esp-3des esp-sha-hmac
mode transport
!
crypto map TestMap 1 ipsec-isakmp
set peer 192.168.250.3
set security-association lifetime seconds 86400
set transform-set TestTransformSet
set pfs group2
match address TestAccessList
!
archive
log config
hidekeys
!
!
!
!
bba-group pppoe global
!
!
interface Loopback2
ip address 10.1.2.1 255.255.255.0
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
no ip address
duplex auto
speed auto
pppoe-client dial-pool-number 1
!
interface FastEthernet4.4094
encapsulation dot1Q 4094 native
no cdp enable
!
interface Vlan1
ip address 192.124.200.2 255.255.0.0
no ip redirects
no ip proxy-arp
ip tcp adjust-mss 1452
!
interface Dialer1
mtu 1492
ip address negotiated
no ip proxy-arp
encapsulation ppp
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname cisco
ppp chap password 0 cisco
ppp direction dedicated
ppp pap sent-username cisco password 0 cisco
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip access-list extended TestAccessList
permit ipinip host 192.168.250.2 host 192.168.250.3
permit ipinip host 192.168.250.3 host 192.168.250.2
!
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
На сем разрешите письмо закончить. Elec.
--- Таймыр 2.00
* Origin: В свинарнике не стыдно быть свиньей (2:478/37.1)
SEEN-BY: 46/50 450/186 1024 451/30 452/25 154 463/68 469/418 478/0 37 4614/20
SEEN-BY: 4615/21 5000/5000 5001/100 5001 5002/89 5003/58 5004/58 5010/126
SEEN-BY: 5011/13 5012/9 30 46 5015/28 5019/26 5020/175 400 545 715 758 830
SEEN-BY: 5020/1042 1641 1721 2238 4441 5021/29 5022/128 5023/11 5025/3 750
SEEN-BY: 5026/49 5027/12 5029/60 5030/115 500 830 966 1256 1900 5033/21
SEEN-BY: 5035/18 38 5042/12 13 5045/7 5049/96 5051/40 5052/4 5054/1 4 8 9 28
SEEN-BY: 5054/30 36 37 67 75 81 89 5058/42 999 5059/37 5062/10 5063/3 5070/156
SEEN-BY: 5075/35 5077/70 5080/31 68 80 111 237 1003 5083/1 5084/9 5085/13 131
SEEN-BY: 5090/108 5093/55 5095/20 5096/18 6001/10 6004/3 6009/3 6055/2 6078/0
SEEN-BY: 6078/1 6083/12
�PATH: 478/37 5020/830 5080/1003 5020/4441 545 5054/1 37