Confugración cliente seravidor PPPoE con ip dinámica por IPCPy autenticcación CHAP

Lo dividiremos en 3 pasos
1.- Sesión sin autenticar cliente servidor PPPoE
2.- Autenticación chap
3.- IP dinámica IPCP
4.- Commandos útiles show, debug y MTU
Utilizaremos el siguiente diagrama




1.- Sesión sin autenticar cliente servidor PPPoE

Pimero creamos la "plantilla" que será nuestra interfaz virtual-access, luego el bba-grup y por ultimo la interfaz que conecta con el router cliente
La interfaze virtual-template tiene encapsulación ppp por defecto, por eso no la tenemos que modificar.
interface virtual-template 1
ip address 80.19.19.250 255.255.255.0
bba-group pppoe GR1
 virtual-template 1
interface FastEthernet0/0
 pppoe enable group GR1
end

Parte del cliente
Hay que crear la interface Dialer, como aún no tenemos ip dinámica le asignaremos una estática. 
interface Dialer1
 ip address 80.19.19.1 255.255.255.0
 encapsulation ppp
 dialer pool 1
end
dialer-list 1 protocol ip permit
interface FastEthernet0/0
 pppoe-client dial-pool-number 1
end
2.- Autenticación chap
Creamos la autenticación chap, el servidor tiene que tener el usuario con el que el cliente se va a autenticar en su lista de usuarios local. Si lo hemos hecho bien el link volverá a levantar.
Servidor
username cliente1 password clave1
interface virtual-template 1
 ppp authentication chap
Cliente
interface dialer 1
 ppp chap hostname cliente1
 ppp chap password clave1
3.- IP dinámica IPCP
Servidor creamos el pool y forzamos su uso en el virtual-template 
ip local pool IPCP 80.19.19.10 80.19.19.19
interface virtual-template 1
 peer default ip address pool IPCP

Cliente cambiamos la ip del dialer por la ip dinamica por ipcp



interface Dialer1
 ip address negotiated


comprobamos que la ip nos la ha dado por ipcp



Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            unassigned      YES unset  up                    up
FastEthernet0/1            unassigned      YES unset  administratively down down
Virtual-Access1            unassigned      YES unset  up                    up
Dialer1                    80.19.19.10     YES IPCP   up                    up


4.- Commandos útiles show, debug y MTU

- show pppoe session



servidor#show pppoe session
     1 session  in LOCALLY_TERMINATED (PTA) State
     1 session  total

Uniq ID  PPPoE  RemMAC          Port                    VT  VA         State
           SID  LocMAC                                      VA-st
      2      2  c201.11ac.0000  Fa0/0                    1  Vi2.1      PTA
                c200.11ac.0000                              UP

cliente#show pppoe session
     1 client session

Uniq ID  PPPoE  RemMAC          Port                    VT  VA         State
           SID  LocMAC                                      VA-st
    N/A      2  c200.11ac.0000  Fa0/0                  Di1  Vi1        UP
                c201.11ac.0000                              UP




- show ip local pool #NOMBREPOOL

veremos las ips asignadas



servidor#sh ip local pool IPCP

 Pool                     Begin           End             Free  In use   Blocked
 IPCP                     80.19.19.10     80.19.19.19        9       1       0
Available addresses:
   80.19.19.11
   80.19.19.12
   80.19.19.13
   80.19.19.14
   80.19.19.15
   80.19.19.16
   80.19.19.17
   80.19.19.18
   80.19.19.19
Inuse addresses:
   80.19.19.10        Vi2.1                       cliente1
Held addresses:    Time Remaining
     None


- debug pppoe events
nos permite ver errores de sesion pppoe



*Mar  1 02:41:05.007: [0]PPPoE 7: O PADT  R:c200.11ac.0000 L:c201.11ac.0000 Fa0/0
*Mar  1 02:41:05.019: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1
*Mar  1 02:41:05.027: [0]PPPoE 7: Destroying  R:c200.11ac.0000 L:c201.11ac.0000 Fa0/0
*Mar  1 02:41:05.027: PPPoE: Returning Vaccess Virtual-Access1
*Mar  1 02:41:05.103:  Sending PADI: Interface = FastEthernet0/0
*Mar  1 02:41:05.103: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
cliente#
*Mar  1 02:41:05.335: PPPoE 0: I PADO  R:c200.11ac.0000 L:c201.11ac.0000 Fa0/0
cliente#
*Mar  1 02:41:06.103: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down
*Mar  1 02:41:07.295:  PPPOE: we've got our pado and the pado timer went off
*Mar  1 02:41:07.295: OUT PADR from PPPoE Session
*Mar  1 02:41:07.303: PPPoE 8: I PADS  R:c200.11ac.0000 L:c201.11ac.0000 Fa0/0
*Mar  1 02:41:07.303: IN PADS from PPPoE Session
*Mar  1 02:41:07.315: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
*Mar  1 02:41:07.319: PPPoE: Virtual Access interface obtained.
*Mar  1 02:41:07.319: PPPoE : encap string prepared
*Mar  1 02:41:07.319: [0]PPPoE 8: data path set to Virtual Acess
cliente#
*Mar  1 02:41:07.331: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
cliente#
*Mar  1 02:41:08.683: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up


Servidor



*Mar  1 02:41:27.451: PPPoE 8: I PADT  R:c201.11ac.0000 L:c200.11ac.0000 Fa0/0
*Mar  1 02:41:27.451: [9]PPPoE 8: Destroying  R:c201.11ac.0000 L:c200.11ac.0000 Fa0/0
*Mar  1 02:41:27.455: PPPoE: Returning Vaccess Virtual-Access2.1
*Mar  1 02:41:27.459: [9]PPPoE 8: AAA account stopped
*Mar  1 02:41:27.575: PPPoE 0: I PADI  R:c201.11ac.0000 L:ffff.ffff.ffff Fa0/0
*Mar  1 02:41:27.579:  Service tag: NULL Tag
*Mar  1 02:41:27.579: PPPoE 0: O PADO, R:c200.11ac.0000 L:c201.11ac.0000 Fa0/0
*Mar  1 02:41:27.579:  Service tag: NULL Tag
servidor#
*Mar  1 02:41:29.483: PPPoE 0: I PADR  R:c201.11ac.0000 L:c200.11ac.0000 Fa0/0
*Mar  1 02:41:29.483:  Service tag: NULL Tag
*Mar  1 02:41:29.483: PPPoE : encap string prepared
*Mar  1 02:41:29.487: [10]PPPoE 9: Access IE handle allocated
*Mar  1 02:41:29.487: [10]PPPoE 9: pppoe SSS switch updated
*Mar  1 02:41:29.487: [10]PPPoE 9: AAA unique ID allocated
*Mar  1 02:41:29.487: [10]PPPoE 9: No AAA accounting method list
*Mar  1 02:41:29.491: [10]PPPoE 9: Service request sent to SSS
*Mar  1 02:41:29.491: [10]PPPoE 9: Created, Service: None R:c200.11ac.0000 L:c201.11ac.0000 Fa0/0
*Mar  1 02:41:29.499: [10]PPPoE 9: State NAS_PORT_POLICY_INQUIRY    Event SSS_LOCAL
servidor#
*Mar  1 02:41:29.503: [10]PPPoE 9: O PADS  R:c201.11ac.0000 L:c200.11ac.0000 Fa0/0
*Mar  1 02:41:29.507: [10]PPPoE 9: State PPP_START    Event DYN_BIND
*Mar  1 02:41:29.507: [10]PPPoE 9: data path set to PPP
*Mar  1 02:41:29.671: [10]PPPoE 9: State LCP_NEGOTIATION    Event PPP_LOCAL
*Mar  1 02:41:29.671: PPPoE 9/SB: Sent vtemplate request on base Vi2
*Mar  1 02:41:29.747: [10]PPPoE 9: State VACCESS_REQUESTED    Event VA_RESP
*Mar  1 02:41:29.747: [10]PPPoE 9: Vi2.1 interface obtained
*Mar  1 02:41:29.751: [10]PPPoE 9: State PTA_BINDING    Event STAT_BIND
*Mar  1 02:41:29.751: [10]PPPoE 9: data path set to Virtual Acess
*Mar  1 02:41:29.751: [10]PPPoE 9: Connected PTA


- Hay que tener cuidado con la mtu, la encapsulación PPPoE utiliza 4 bytes



servidor#show interface Virtual-Access2.1
Virtual-Access2.1 is up, line protocol is up
  Hardware is Virtual Access interface
  Internet address is 1.1.1.1/24
  MTU 1492 bytes, BW 100000 Kbit/sec, DLY 100000 usec,






Recomendable cambiarlo en el cliente tambien



interface dialer 1
 ip mtu 1492




Como una imagen vale mas que mil palabras lo voy a explicar en un video























Etiquetas:
,
,
,