No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Examples for NE and ME60 Routers in Typical Enterprise Scenarios 2.0

This document provides NE series routers typical configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring PPPoE Access

Example for Configuring PPPoE Access

This section provides an example for configuring PPPoE access.

Applicable Products and Versions

This configuration example applies to ME60 series routers running V600R002C02 or later.

Networking Requirements

On the network shown in Figure 1-16, to allow the user to go online, configure PPPoE access. The requirements are as follows:

  • The user belongs to the domain isp1 and accesses the Internet through GE 1/0/2 on the router in PPPoE mode. The connected device supports the dial-up function.

  • RADIUS authentication and RADIUS accounting are used.

  • The IP address of the RADIUS server is 192.168.7.249. The authentication and accounting ports are 1645 and 1646, respectively. The RADIUS+1.1 protocol is adopted, with the key being itellin123456@123.

  • The IP address of the DNS server is 192.168.7.252.

Figure 1-16  Networking for configuring PPPoE access

Configuration Roadmap

The configuration roadmap is as follows:
  1. Configure a virtual template (VT).

  2. Configure AAA schemes.

  3. Configure a RADIUS server group.

  4. Configure an IPv4 address pool.

  5. Configure a domain.

  6. Bind the VT to an interface.

  7. Configure a BAS interface.

Data Preparation

To complete the configuration, you need the following data:
  • VT number
  • Authentication and accounting schemes and their names
  • RADIUS server group name and server address
  • DNS server address
  • User domain
  • BAS interface parameters

Procedure

  1. Configure a VT.

    <HUAWEI> system-view
    [HUAWEI] interface Virtual-Template 1
    [HUAWEI-Virtual-Template1] ppp authentication-mode chap
    [HUAWEI-Virtual-Template1] quit

  2. Configure an authentication scheme.

    [HUAWEI] aaa
    [HUAWEI-aaa] authentication-scheme auth1
    [HUAWEI-aaa-authen-auth1] authentication-mode radius
    [HUAWEI-aaa-authen-auth1] quit

  3. Configure an accounting scheme.

    [HUAWEI-aaa] accounting-scheme acct1
    [HUAWEI-aaa-accounting-acct1] accounting-mode radius
    [HUAWEI-aaa-accounting-acct1] quit
    [HUAWEI-aaa] quit

  4. Configure a RADIUS server group.

    [HUAWEI] radius-server group rd1
    [HUAWEI-radius-rd1] radius-server authentication 192.168.7.249 1645
    [HUAWEI-radius-rd1] radius-server accounting 192.168.7.249 1646
    [HUAWEI-radius-rd1] radius-server type plus11
    [HUAWEI-radius-rd1] radius-server shared-key itellin123456@123
    [HUAWEI-radius-rd1] quit

  5. Configure an address pool.

    [HUAWEI] ip pool pool1 bas local
    [HUAWEI-ip-pool-pool1] gateway 10.82.0.1 255.255.255.0
    [HUAWEI-ip-pool-pool1] section 0 10.82.0.2 10.82.0.200
    [HUAWEI-ip-pool-pool1] dns-server 192.168.7.252
    [HUAWEI-ip-pool-pool1] quit

  6. Configure a domain named isp1.

    [HUAWEI] aaa
    [HUAWEI-aaa] domain isp1
    [HUAWEI-aaa-domain-isp1] authentication-scheme auth1
    [HUAWEI-aaa-domain-isp1] accounting-scheme acct1
    [HUAWEI-aaa-domain-isp1] radius-server group rd1
    [HUAWEI-aaa-domain-isp1] ip-pool pool1
    [HUAWEI-aaa-domain-isp1] quit
    [HUAWEI-aaa] quit

  7. Bind the VT to an interface.

    # Enable BAS.

    [HUAWEI] license
    [HUAWEI-license] active bas slot 1
    [HUAWEI-license] quit
    NOTE:

    Versions earlier than V600R007C00 do not require BAS activation by license. You can directly run the bas enable command in the slot view.

    # Bind the VT to an interface.

    [HUAWEI] interface GigabitEthernet 1/0/2
    [HUAWEI-GigabitEthernet1/0/2] pppoe-server bind virtual-template 1

  8. Configure a BAS interface.

    [HUAWEI-GigabitEthernet1/0/2] bas
    [HUAWEI-GigabitEthernet1/0/2-bas] access-type layer2-subscriber default-domain authentication isp1
    [HUAWEI-GigabitEthernet1/0/2-bas] authentication-method ppp
    [HUAWEI-GigabitEthernet1/0/2-bas] quit
    [HUAWEI-GigabitEthernet1/0/2] quit
    NOTE:

    In this example, users go online with the domain name isp1 carried in the user name. Therefore, the BAS interface does not need to have any authentication domain configured. If users go online with no domain name carried in the user name, you must specify an authentication domain on the BAS interface.

Configuration Files

#
 sysname HUAWEI
#
license
 active bas slot 1
#
radius-server group rd1
 radius-server shared-key-cipher %^%#t6"k@.XLWT&KRNIY9VL'g!54/Mfhu5)Cq^TD,xAY*4^>9a9W|;sFla="jNg=%^%#
 radius-server authentication 192.168.7.249 1645 weight 0
 radius-server accounting 192.168.7.249 1646 weight 0
 radius-server type plus11
 radius-server traffic-unit kbyte
#
interface Virtual-Template1
 ppp authentication-mode chap
#
interface GigabitEthernet1/0/2
 pppoe-server bind Virtual-Template 1
 bas
  access-type layer2-subscriber default-domain authentication isp1
#
interface GigabitEthernet1/0/1
 ip address 192.168.7.1 255.255.255.0
#
ip pool pool1 bas local
 gateway 10.82.0.1 255.255.255.0
 section 0 10.82.0.2 10.82.0.200
 dns-server  192.168.7.252
#
aaa
authentication-scheme auth1
accounting-scheme acct1
domain isp1
 authentication-scheme auth1
 accounting-scheme acct1
 radius-server group rd1
 ip-pool pool1
#
return
Updated: 2019-05-16

Document ID: EDOC1000120969

Views: 26070

Downloads: 877

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next