No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuration Examples

Configuration Examples

This section provides several PPPoE configuration examples, including network requirements, configuration roadmap, configuration procedure, and configuration files.

Example for Configuring the PPPoE Client

Networking Requirements

As shown in Figure 8-14, the device functioning as the PPPoE client connects to the PPPoE server using GE0/0/0.

Users want the hosts to share an account. If the account is authenticated successfully on the PPPoE server, a PPPoE session is established. Service requirements are as follows:

  • The device establishes a PPPoE session with the PPPoE server using PPP authentication.

  • The device automatically attempts to create a dial-up connection again at intervals after the disconnection.
Figure 8-14  Networking diagram of the device functioning as the PPPoE client

Configuration Roadmap
The configuration roadmap is as follows:
  1. Configure Challenge Handshake Authentication Protocol (CHAP) authentication on the dialer interface so that the device can establish a PPPoE session with the PPPoE server using PPP authentication.
  2. Configure the dial-up mode to automatic dial-up so that the device will automatically attempt to create a dial-up connection again at intervals after the disconnection.

Procedure

  1. Configure the PPPoE server.

    # Configure the authentication mode, IP address allocation mode, and IP address or IP address pool for the PPPoE client. For details about the configuration procedure, see the documentation of the PPPoE server.

  2. Configure a dialer interface.

    <Huawei> system-view
    [Huawei] sysname AP
    [AP] interface dialer 1
    [AP-Dialer1] ppp chap user user1@system
    [AP-Dialer1] ppp chap password cipher huawei123
    [AP-Dialer1] ip address ppp-negotiate
    [AP-Dialer1] quit

  3. Create a PPPoE session.

    [AP] vlan batch 100
    [AP] interface gigabitethernet 0/0/0
    [AP-GigabitEthernet0/0/0] port link-type trunk
    [AP-GigabitEthernet0/0/0] port trunk allow-pass vlan 100
    [AP-GigabitEthernet0/0/0] port trunk pvid vlan 100
    [AP-GigabitEthernet0/0/0] quit
    [AP] interface vlanif 100
    [AP-Vlanif100] pppoe-client dial-bundle-number 1
    [AP-Vlanif100] quit

  4. Configure NAT to translate private addresses of hosts in the LAN to public addresses so that the hosts can dial up to the Internet.

    [AP] acl number 3002
    [AP-acl-adv-3002] rule 5 permit ip source 192.168.10.0 0.0.0.255
    [AP-acl-adv-3002] quit
    [AP] interface dialer 1
    [AP-Dialer1] nat outbound 3002
    [AP-Dialer1] quit

  5. Configure a static route from the local host to the PPPoE server.

    [AP] ip route-static 0.0.0.0 0 dialer 1
    [AP] quit

  6. Verify the configurations.

    # Run the display pppoe-client session summary command to check the PPPoE session status and configuration. The following command output shows that the PPPoE session status is Up and the session configuration is consistent with the data plan and networking.

    <AP> display pppoe-client session summary
    PPPoE Client Session:
    ID   Bundle  Dialer  Intf             Client-MAC    Server-MAC    State
    1    1       1       vlanif00         00e0fc030201  0819a6cd0680  UP

Configuration Files

Configuration file of the PPPoE client

#
 sysname AP
#
vlan batch 100
#
acl number 3002  
 rule 5 permit ip source 192.168.10.0 0.0.0.255
#
interface Dialer1
 link-protocol ppp
 ppp chap user user1@system
 ppp chap password cipher %^%#LHG2'Q8n%8NSLn'4-i'Z18)-%eT"v*||t1Mh;NbH%^%#
 ip address ppp-negotiate
 nat outbound 3002  
#
interface Vlanif100
 pppoe-client dial-bundle-number 1
#
interface GigabitEthernet0/0/0
 port link-type trunk
 port trunk pvid vlan 100
 port trunk allow-pass vlan 100
#
ip route-static 0.0.0.0 0.0.0.0 Dialer1
#
return

Example for Connecting LAN to the Internet Using the ADSL Modem

Networking Requirements

As shown in Figure 8-15, AP connects to ADSL modem using GE0/0/0, and Router connects to the DSLAM using ATM1/0/0.

The private IP addresses of hosts in the LAN are 192.168.10.0/24. Users want hosts in the LAN to access Router using AP and to access the external network. The user name is user1, and the password is huawei123.

Figure 8-15  Networking diagram for connecting a LAN to the Internet using an ADSL modem

Configuration Roadmap
The configuration roadmap is as follows:
  1. Configure AP as the PPPoE client so that hosts in the LAN can access the Internet without installing PPPoE client software.
  2. Configure Router as the PPPoE server to provide RADIUS authentication and accounting functions.
  3. Configure NAT so that LAN users can access the external network.

Procedure

  1. Configure the PPPoE client.

    # Configure the dialer interface.

    <Huawei> system-view
    [Huawei] sysname AP
    [AP] interface dialer 1
    [AP-Dialer1] ppp chap user user1
    [AP-Dialer1] ppp chap password cipher huawei123
    [AP-Dialer1] dialer timer idle 300
    [AP-Dialer1] dialer queue-length 8
    [AP-Dialer1] ip address ppp-negotiate
    [AP-Dialer1] quit

    # Create a PPPoE session.

    [AP] vlan batch 100
    [AP] interface gigabitethernet 0/0/0
    [AP-GigabitEthernet0/0/0] port link-type trunk
    [AP-GigabitEthernet0/0/0] port trunk allow-pass vlan 100
    [AP-GigabitEthernet0/0/0] port trunk pvid vlan 100
    [AP-GigabitEthernet0/0/0] quit
    [AP] interface vlanif 100
    [AP-Vlanif100] pppoe-client dial-bundle-number 1
    [AP-Vlanif100] quit

    # Configure NAT to translate private addresses of hosts in the LAN to public addresses so that the hosts can dial up to the Internet.

    [AP] acl number 3002
    [AP-acl-adv-3002] rule 5 permit ip source 192.168.10.0 0.0.0.255
    [AP-acl-adv-3002] quit
    [AP] interface dialer 1
    [AP-Dialer1] nat outbound 3002
    [AP-Dialer1] quit

    # Configure a static route from the PPPoE client to the PPPoE server.

    [AP] ip route-static 0.0.0.0 0 dialer 1
    [AP] quit

  2. Configure the PPPoE server.

    # Configure the global IP address pool pool1.

    <Huawei> system-view
    [Huawei] sysname Router
    [Router] ip pool pool1
    [Router-ip-pool-pool1] network 100.100.10.0 mask 255.255.255.0
    [Router-ip-pool-pool1] gateway-list 100.100.10.1
    [Router-ip-pool-pool1] quit

    # Configure a PPPoE user.

    [Router] aaa
    [Router-aaa] local-user user1 password
    Please configure the login password (8-128)                                     
    It is recommended that the password consist of at least 2 types of characters, i
    ncluding lowercase letters, uppercase letters, numerals and special characters. 
    Please enter password:                                                          
    Please confirm password:                                                        
    Info: Add a new user.                                                           
    [Router-aaa] local-user user1 service-type ppp
    [Router-aaa] quit
    # Configure RADIUS authentication.
    1. Configure a RADIUS server template.

      [Router] radius-server template shiva
      [Router-radius-shiva] radius-server authentication 129.6.6.66 1812
      [Router-radius-shiva] radius-server accounting 129.6.6.66 1813
      [Router-radius-shiva] radius-server shared-key cipher hello@123
      [Router-radius-shiva] quit
    2. Configure authentication and accounting schemes.

      [Router] aaa
      [Router-aaa] authentication-scheme 1
      [Router-aaa-authen-1] authentication-mode radius
      [Router-aaa-authen-1] quit
      [Router-aaa] accounting-scheme 1
      [Router-aaa-accounting-1] accounting-mode radius
      [Router-aaa-accounting-1] quit
    3. Configure the domain named system and apply authentication scheme 1, accounting scheme 1, and RADIUS server template shiva to the domain.

      [Router-aaa] domain system
      [Router-aaa-domain-system] authentication-scheme 1
      [Router-aaa-domain-system] accounting-scheme 1
      [Router-aaa-domain-system] radius-server shiva
      [Router-aaa-domain-system] quit
      [Router-aaa] quit

    # Create and configure a VT.

    [Router] interface virtual-template 1
    [Router-Virtual-Template1] ppp authentication-mode chap domain system
    [Router-Virtual-Template1] ip address 100.100.10.1 255.255.255.0
    [Router-Virtual-Template1] remote address pool pool1
    [Router-Virtual-Template1] quit

    # Enable the PPPoE server function on the virtual Ethernet interface.

    [Router] interface virtual-ethernet 0/0/1
    [Router-Virtual-Ethernet0/0/1] pppoe-server bind virtual-template 1
    [Router-Virtual-Ethernet0/0/1] quit

    # Configure the ATM interface.

    [Router] interface atm 1/0/0
    [Router-Atm1/0/0] pvc 0/32
    [Router-atm-pvc-Atm1/0/0-0/32] map bridge virtual-ethernet 0/0/1
    [Router-atm-pvc-Atm1/0/0-0/32] quit

  3. Verify the configuration.

    # Run the display pppoe-client session summary command to check the PPPoE session status and configuration. The following command output shows that the PPPoE session status is Up and the session configuration is consistent with the data plan and networking.

    <AP> display pppoe-client session summary
    PPPoE Client Session:
    ID   Bundle  Dialer  Intf             Client-MAC    Server-MAC    State
    0    1       1       vlanif100        54899874dbc7  000000000000  PADI   

    # AP can successfully ping server Router.

Configuration Files
  • Configuration file of AP

    #
     sysname AP
    #
    vlan batch 100
    #
    acl number 3002
     rule 5 permit ip source 192.168.10.0 0.0.0.255
    #
    interface Dialer1
     link-protocol ppp
     ppp chap user user1
     ppp chap password cipher %^%#D]<B>${2C"o|jLLQwm<#=FP[~\b3P!w0Vr6BLp4A%^%#
     ip address ppp-negotiate
     dialer queue-length 8
     dialer timer idle 300
     nat outbound 3002
    #
    interface Vlanif100
     pppoe-client dial-bundle-number 1
    #
    interface GigabitEthernet0/0/0
     port link-type trunk
     port trunk pvid vlan 100
     port trunk allow-pass vlan 100
    #
    ip route-static 0.0.0.0 0.0.0.0 Dialer1
    #
    return
    
  • Configuration file of Router

    #
     sysname Router
    #
    radius-server template shiva
     radius-server shared-key cipher %^%#s2BY1Z1+yAE}!(X0JTHB64T#,K$SFIfN5D!RjIGI%^%#
     radius-server authentication 129.6.6.66 1812 weight 80
     radius-server accounting 129.6.6.66 1813 weight 80
    #
    ip pool pool1
     gateway-list 100.100.10.1
     network 100.100.10.0 mask 255.255.255.0
    #
    aaa
     authentication-scheme 1
      authentication-mode radius
     accounting-scheme 1
      accounting-mode radius
     domain system
      authentication-scheme 1
      accounting-scheme 1
      radius-server  shiva
     local-user user1 password cipher %^%#9T`|L}K(4#J3k=+I8SiJrsM:RO[iy@Uuc:LTQJ,1%^%#
     local-user user1 privilege level 0
     local-user user1 service-type ppp
    #
    interface Virtual-Template1
     ppp authentication-mode chap domain system
     remote address pool pool1
     ppp keepalive retry-times 2
     timer hold 30
     ip address 100.100.10.1 255.255.255.0
    #
    interface Atm1/0/0
     pvc 0/32
      map bridge Virtual-Ethernet0/0/1
    #
    interface Virtual-Ethernet0/0/1
     pppoe-server bind Virtual-Template 1
    #
    return
    
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 129864

Downloads: 312

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next