Cisco PPPoE Server Configuration Example

ReneMolenaar · December 26, 2016, 7:15pm

This topic is to discuss the following lesson:

https://networklessons.com/cisco/ccie-routing-switching/cisco-pppoe-server-configuration-example/

njrusmc · February 16, 2014, 8:42pm

Never knew about ip local pool before. Very cool. Also, you don’t need to set the mtu on the VT interface since the VAccess that gets spawned will already account for the PPPoE overhead. The Dialer won’t though, and we do need mtu 1492 there.

system · May 30, 2014, 7:17pm

For non-static clients’ IPs we can use local pools or dhcp:

! ------ R2 Client
!
interface Dialer0
 ip address dhcp
! or
!ip address negotiated

! ------ R1 Server
!
ip dhcp excluded-address 144.10.1.1 144.10.1.4
ip dhcp pool PPPoE 
   network 144.10.1.0 255.255.255.0
! or
! ip local pool PPPoE 144.10.1.5 144.10.1.9
!
interface Virtual-Template1
 peer ip address forced 
 peer default ip address dhcp-pool PPPoE
! or
!peer ip address forced
!peer default ip address pool PPPoE

The local pools differ from the DHCP in assigning /32 to the clients.
The OSPF RFC says that OSPF ignores subnet mask on point-to-point links, however we won’t be able to have adjacency between /24 and /32, since the client finds itself in an isolated network.

system · June 3, 2014, 1:29pm

Hi Rene,
when I write “bba-group pppoe global” in global config mode, on generic or 2811 router, it shows:
invalid input detected…! what’s the problem from?

ReneMolenaar · June 3, 2014, 1:34pm

Hi Sarah,

It’s probably because the IOS version on your 2811 doesn’t support this command. You might want to check that and perhaps upgrade the image.

Rene

system · June 3, 2014, 5:06pm

thanks, I tested it in packet tracer but it seems it has not been simulated in packet tracer.
I’m just practicing. in a simple topology that I need, there is one switch in center and one 2811 and one linksys router connected to switch. can I use PPPOE on linksys to conennct to 2811? and if yes, how should I config the “2811”?

ReneMolenaar · June 4, 2014, 8:49am

Ah that makes sense. Packet tracer has all the CCNA and some CCNP commands, but stuff like this you won’t find there…better to use GNS3 or some real routers.

ReneMolenaar · June 6, 2014, 12:33pm

Oh and if the linksys supports PPPOE, it should work but it’s hard to tell if or what changed you should make. The problem with end-consumer hardware is that things are always different

Best to try PPPOE between two Cisco routers first and when it works, replace the client with your Linksys and try to make it work.

ReneMolenaar · June 25, 2014, 9:25am

Thanks for sharing Alex!

system · September 5, 2014, 8:36pm

Best clear, concise and no fuss description of PPPoE I have seen. Many thanks

ReneMolenaar · September 10, 2014, 10:24am

Thanks Peter!

johnfrades · September 10, 2015, 7:48am

nice lessons. it would be better if this have a little more theory. especially the Phases that is happening in PPPoE

mikelive · November 4, 2015, 4:11pm

Can anyone give examples of two additional items.

Can you pass thru DHCP from a local server? Using the IP Helper etc.

I would like to use this pppoe for remote ip phones how do I use authentication?

Kind Regards,

Mike

ReneMolenaar · November 4, 2015, 8:10pm

Hi Mike,

Sure this is no problem, you can put ip helper on the virtual-template interface of the PPPoE server.

Rene

mikelive · November 4, 2015, 8:55pm

Thanks Rene,

How do you configure user / passwords for the PPPoE profile. is it a standard user line?

How do configure the access list to allow PPPoE from the internet?

ReneMolenaar · November 4, 2015, 10:16pm

You should be able to make authentication work with local usernames yes.

If you want to filter PPPoE then you should filter the protocol:

0x8863 PPPoE Discovery Stage
0x8864 PPPoE Session Stage

You should be able to filter these with MAC addresses.

What exactly do you want to use PPPoE for?

kxdemon · February 8, 2016, 4:55pm

I agree with Frades! It is good idea to explain little more about pppoe stages with wireshark’s examples and authentication, because most of ISPs use pppoe for authentication of their clients.

Best regards!

jugn78 · June 1, 2016, 9:22pm

Hi.

Could you tell me, please, how can authentication be configured ?

Also I have seen options like:

dialer idle-timeout
dialer persistent delay

But I have not found documentation about this. Could you help me with these, please?.

Thanks.

ReneMolenaar · June 3, 2016, 12:21pm

Hi Jaime,

Here’s how you can add client CHAP authentication:

SERVER(config)#username CLIENT password CLIENT_PASSWORD

SERVER(config)#interface Virtual-template 1
SERVER(config-if)#ppp authentication chap

CLIENT(config)#interface Dialer 1
CLIENT(config-if)#ppp authentication chap 
CLIENT(config-if)#ppp chap hostname CLIENT
CLIENT(config-if)#ppp chap password CLIENT_PASSWORD
CLIENT(config-if)#ppp authentication chap callin

If you want to find a certain command, check out the Master Index on the Cisco website. For example:

Here are all dialer commands:

Dialer idle-timeout:
To specify the duration of idle time before a line is disconnected, use the dialer idle-timeout command in interface configuration mode. To reset the idle timeout to the default, use the no form of this command.

dialer persistent
To force a dialer interface to be connected at all times, even in the absence of interesting traffic, use the dialer persistent command in interface configuration mode. To disable this option, use the no form of this command.

delay
(Optional) Sets the delay before an attempt to reestablish a persistent connection after a network error has disrupted it.

Rene

zizozoro1 · July 12, 2016, 3:10am

I did it on 2 cisco routers 1841 … thanks Rene. you are the best !