設定從Windows電腦到Cisco路由器的PPPoE會話

簡介

本檔案介紹在Windows機器（用作PPPoE使用者端）和用作PPPoE伺服器的Cisco路由器之間設定乙太網路點對點連線(PPPoE)的程式。

必要條件

需求

思科建議您瞭解端到端第1層連線是使用者優先順序(UP)。

採用元件

本文件所述內容不限於特定軟體和硬體版本。

本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除（預設）的組態來啟動。如果您的網路正在作用，請確保您已瞭解任何指令可能造成的影響。

設定

網路圖表

本檔案使用如下圖所示的網路設定：

組態

BRAS配置

aaa new-model

! Enabling AAA on router

!

aaa authentication ppp PPPOE-METD group PPPOE-RADIUS

! Defining AAA method list for PPP Authentication

aaa authorization network PPPOE-AUTHOR-METD group PPPOE-RADIUS

! Defining AAA method list for PPP Authorization

aaa accounting network PPPOE-ACCT-METD start-stop group PPPOE-RADIUS

! Defining AAA method list for PPP Accounting

!

aaa group server radius PPPOE-RADIUS

! Defining AAA Server Group named PPPOE-RADIUS
server-private 10.106.39.253 key cisco
ip radius source-interface GigabitEthernet0/0/0

!

bba-group pppoe BBA-TEST
virtual-template 10

!

interface GigabitEthernet0/0/1.47
encapsulation dot1Q 1 native
pppoe enable group BBA-TEST
end

!

interface Virtual-Template10
ip unnumbered Loopback10
peer default ip address pool local

! Calling three named AAA Method lists configured above under this Virtual Template
ppp authentication pap chap PPPOE-METD
ppp authorization PPPOE-AUTHOR-METD
ppp accounting PPPOE-ACCT-METD
end

!

ip local pool local 192.168.1.2 192.168.1.10

!

interface Loopback10
ip address 192.168.1.1 255.255.255.255
end

!

Windows電腦配置和設定

完成以下步驟，從充當PPPoE客戶端的Windows電腦啟動PPPoE會話。

步驟1.開啟網路與共用中心，然後按一下Set up a new connection or network，如下圖所示。

步驟2.如圖所示，選擇Connect to the Internet，然後按一下Next。

步驟3.選擇仍然設定新連接，如下圖所示：

步驟4.選擇否，建立新連接，如下圖所示：

步驟5.如圖所示，按一下Broadband(PPPoE):

步驟6.如圖所示，輸入用戶名、密碼和連接名，然後按一下 連線。

這將向伺服器啟動PPPoE會話。檢查驗證部分，如下圖所示：

驗證

步驟1.再次開啟Networks頁籤，選擇網路（在此示例中命名為PPPOE-USER）並驗證狀態。輸入使用者名稱和密碼後，按一下Connect以啟動會話，如下圖所示：

步驟2.開啟命令提示符，並運行ipconfig /all命令以檢查協商的IP地址，如下圖所示：

步驟3.啟用debug pppoe event、debug pppoe error和debug ppp negotiation以檢查PPPoE會話的建立。我們還可以啟用debug radius以檢視與Radius伺服器交換的消息。

BRAS#show debugging

 

PPP:
PPP protocol negotiation debugging is on
PPPoE:
PPPoE protocol events debugging is on
PPPoE protocol errors debugging is on

 

Radius protocol debugging is on
Radius packet protocol debugging is on

 

Debug snippet:


BRAS#
*Sep 19 18:44:14.531: PPPoE 0: I PADI R:0050.56ad.7206 L:ffff.ffff.ffff Gi0/0/1.47

 

! Receiving PPPoE Active Discovery Initiation (PADI) broadcast packet from Windows Machine (MAC 0050.56ad.7206) on Router interface Gi0/0/1.47


*Sep 19 18:44:14.531: Service tag: NULL Tag
*Sep 19 18:44:14.531: PPPoE 0: O PADO, R:d867.d99f.6601 L:0050.56ad.7206 Gi0/0/1.47

 

! Sending PPPoE Active Discovery Offer (PADO) unicast packet from  Router interface Gi0/0/1.47 (MAC d867.d99f.6601 ) to Windows Machine (MAC 0050.56ad.7206)


*Sep 19 18:44:14.531: Service tag: NULL Tag
*Sep 19 18:44:14.533: PPPoE 0: I PADR R:0050.56ad.7206 L:d867.d99f.6601 Gi0/0/1.47

 

! Receiving PPPoE Active Discovery Request (PADR) unicast packet from Windows Machine (MAC 0050.56ad.7206) on Router interface Gi0/0/1.47


*Sep 19 18:44:14.533: Service tag: NULL Tag
*Sep 19 18:44:14.533: PPPoE : encap string prepared
*Sep 19 18:44:14.533: [76]PPPoE 63: Access IE handle allocated
*Sep 19 18:44:14.533: [76]PPPoE 63: AAA get retrieved attrs
*Sep 19 18:44:14.533: [76]PPPoE 63: AAA get nas port details
*Sep 19 18:44:14.533: [76]PPPoE 63: Error adjusting nas port format did
*Sep 19 18:44:14.533: [76]PPPoE 63: AAA get dynamic attrs
*Sep 19 18:44:14.533: [76]PPPoE 63: AAA unique ID 88 allocated
*Sep 19 18:44:14.533: [76]PPPoE 63: No AAA accounting method list
*Sep 19 18:44:14.534: [76]PPPoE 63: Service request sent to SSS
*Sep 19 18:44:14.534: [76]PPPoE 63: Created, Service: None R:d867.d99f.6601 L:0050.56ad.7206 Gi0/0/1.47
*Sep 19 18:44:14.534: [76]PPPoE 63: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
*Sep 19 18:44:14.534: PPP: Alloc Context [7FE79EC0D8C8]
*Sep 19 18:44:14.534: ppp76 PPP: Phase is ESTABLISHING
*Sep 19 18:44:14.534: [76]PPPoE 63: data path set to PPP
*Sep 19 18:44:14.534: [76]PPPoE 63: Segment (SSS class): PROVISION

 

! We can also enable 'debug sss events' and 'debug sss error' to debug this stage


*Sep 19 18:44:14.534: [76]PPPoE 63: State PROVISION_PPP Event SSM PROVISIONED
*Sep 19 18:44:14.534: [76]PPPoE 63: O PADS R:0050.56ad.7206 L:d867.d99f.6601 Gi0/0/1.47

 

! Sending PPPoE Active Discovery Session Confirmation  (PADS) unicast packets from  Router interface Gi0/0/1.47 (MAC d867.d99f.6601 ) to Windows Machine (MAC 0050.56ad.7206)


*Sep 19 18:44:14.534: [76]PPPoE 63: Unable to Add ANCP Line attributes to the PPPoE Authen attributes

 

! Access Node Control Protocol (ANCP) is configured between the Digital Subscriber Line Access Concentrator (DSLAM) and Broadband Remote Access Server (BRAS), which is used to aggregate traffic from multiple subscribers and deliver information for any application independently. More information related to ANCP could be found here. It is expected for the IOS to print this message even if ANCP is not enabled.

 

*Sep 19 18:44:14.534: ppp76 PPP: Using vpn set call direction
*Sep 19 18:44:14.534: ppp76 PPP: Treating connection as a callin
*Sep 19 18:44:14.534: ppp76 PPP: Session handle[8800004C] Session id[76]
*Sep 19 18:44:14.534: ppp76 LCP: Event[OPEN] State[Initial to Starting]
*Sep 19 18:44:14.534: ppp76 PPP LCP: Enter passive mode, state[Stopped]
*Sep 19 18:44:14.539: ppp76 LCP: I CONFREQ [Stopped] id 0 len 21
*Sep 19 18:44:14.539: ppp76 LCP: MRU 1480 (0x010405C8)
*Sep 19 18:44:14.539: ppp76 LCP: MagicNumber 0x61EB5A46 (0x050661EB5A46)
*Sep 19 18:44:14.539: ppp76 LCP: PFC (0x0702)
*Sep 19 18:44:14.539: ppp76 LCP: ACFC (0x0802)
*Sep 19 18:44:14.539: ppp76 LCP: Callback 6 (0x0D0306)
*Sep 19 18:44:14.539: ppp76 LCP: O CONFREQ [Stopped] id 1 len 18
*Sep 19 18:44:14.539: ppp76 LCP: MRU 1492 (0x010405D4)
*Sep 19 18:44:14.539: ppp76 LCP: AuthProto PAP (0x0304C023)
*Sep 19 18:44:14.539: ppp76 LCP: MagicNumber 0x7B063BEA (0x05067B063BEA)
*Sep 19 18:44:14.539: ppp76 LCP: O CONFREJ [Stopped] id 0 len 7
*Sep 19 18:44:14.539: ppp76 LCP: Callback 6 (0x0D0306)
*Sep 19 18:44:14.539: ppp76 LCP: Event[Receive ConfReq-] State[Stopped to REQsent]
*Sep 19 18:44:14.540: ppp76 LCP: I CONFACK [REQsent] id 1 len 18
*Sep 19 18:44:14.540: ppp76 LCP: MRU 1492 (0x010405D4)
*Sep 19 18:44:14.540: ppp76 LCP: AuthProto PAP (0x0304C023)
*Sep 19 18:44:14.540: ppp76 LCP: MagicNumber 0x7B063BEA (0x05067B063BEA)
*Sep 19 18:44:14.540: ppp76 LCP: Event[Receive ConfAck] State[REQsent to ACKrcvd]
*Sep 19 18:44:14.540: ppp76 LCP: I CONFREQ [ACKrcvd] id 1 len 18
*Sep 19 18:44:14.540: ppp76 LCP: MRU 1480 (0x010405C8)
*Sep 19 18:44:14.540: ppp76 LCP: MagicNumber 0x61EB5A46 (0x050661EB5A46)
*Sep 19 18:44:14.540: ppp76 LCP: PFC (0x0702)
*Sep 19 18:44:14.540: ppp76 LCP: ACFC (0x0802)
*Sep 19 18:44:14.540: ppp76 LCP: O CONFACK [ACKrcvd] id 1 len 18
*Sep 19 18:44:14.540: ppp76 LCP: MRU 1480 (0x010405C8)
*Sep 19 18:44:14.540: ppp76 LCP: MagicNumber 0x61EB5A46 (0x050661EB5A46)
*Sep 19 18:44:14.540: ppp76 LCP: PFC (0x0702)
*Sep 19 18:44:14.540: ppp76 LCP: ACFC (0x0802)
*Sep 19 18:44:14.540: ppp76 LCP: Event[Receive ConfReq+] State[ACKrcvd to Open]
*Sep 19 18:44:14.541: ppp76 LCP: I IDENTIFY [Open] id 2 len 18 magic 0x61EB5A46MSRASV5.20
*Sep 19 18:44:14.541: ppp76 LCP: I IDENTIFY [Open] id 3 len 24 magic 0x61EB5A46MSRAS-0-ADMIN-PC
*Sep 19 18:44:14.541: ppp76 LCP: I IDENTIFY [Open] id 4 len 24 magic 0x61EB5A46sPPY.X`I?Z5SWE}}
*Sep 19 18:44:14.541: ppp76 PPP: Queue PAP code[1] id[78]
*Sep 19 18:44:14.563: ppp76 PPP: Phase is AUTHENTICATING, by this end
*Sep 19 18:44:14.564: ppp76 PAP: Redirect packet to ppp76
*Sep 19 18:44:14.564: ppp76 PAP: I AUTH-REQ id 78 len 11 from "cisco"

 

! Incoming Authentication Request from Windows Machine using User name "cisco"


*Sep 19 18:44:14.564: ppp76 PAP: Authenticating peer cisco
*Sep 19 18:44:14.564: ppp76 PPP: Phase is FORWARDING, Attempting Forward
*Sep 19 18:44:14.564: ppp76 LCP: State is Open
*Sep 19 18:44:14.564: ppp76 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Sep 19 18:44:14.564: RADIUS/ENCODE(00000088):Orig. component type = PPPoE
*Sep 19 18:44:14.564: RADIUS: DSL line rate attributes successfully added
*Sep 19 18:44:14.564: RADIUS/ENCODE: Skip encoding 0 length AAA Cisco vsa password
*Sep 19 18:44:14.564: RADIUS(00000088): Config NAS IP: 10.106.39.212
*Sep 19 18:44:14.564: RADIUS(00000088): Config NAS IPv6: ::
*Sep 19 18:44:14.564: RADIUS/ENCODE: No idb found! Framed IP Addr might not be included
*Sep 19 18:44:14.564: RADIUS/ENCODE(00000088): acct_session_id: 125
*Sep 19 18:44:14.564: RADIUS(00000088): Config NAS IP: 10.106.39.212
*Sep 19 18:44:14.564: RADIUS(00000088): sending
*Sep 19 18:44:14.564: RADIUS(00000088): Send Access-Request to 10.106.39.253:1645 id 1645/106, len 147

 

! Sending an Access-Request to Radius Server at 10.106.39.253 on port 1645.


*Sep 19 18:44:14.564: RADIUS: authenticator C1 5B AA 62 1D E1 31 6C - 16 A5 CE 92 D6 9C 12 E7
*Sep 19 18:44:14.564: RADIUS: Framed-Protocol [7] 6 PPP [1]
*Sep 19 18:44:14.564: RADIUS: User-Name [1] 7 "cisco"
*Sep 19 18:44:14.564: RADIUS: User-Password [2] 18 *
*Sep 19 18:44:14.564: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
*Sep 19 18:44:14.564: RADIUS: NAS-Port [5] 6 0
*Sep 19 18:44:14.564: RADIUS: NAS-Port-Id [87] 9 "0/0/1/1"
*Sep 19 18:44:14.564: RADIUS: Vendor, Cisco [26] 41
*Sep 19 18:44:14.564: RADIUS: Cisco AVpair [1] 35 "client-mac-address=0050.56ad.7206"
*Sep 19 18:44:14.564: RADIUS: Service-Type [6] 6 Framed [2]
*Sep 19 18:44:14.564: RADIUS: NAS-IP-Address [4] 6 10.106.39.212
*Sep 19 18:44:14.564: RADIUS: Acct-Session-Id [44] 10 "0000007D"
*Sep 19 18:44:14.564: RADIUS: Nas-Identifier [32] 12 "BRAS"
*Sep 19 18:44:14.564: RADIUS(00000088): Sending a IPv4 Radius Packet
*Sep 19 18:44:14.564: RADIUS(00000088): Started 5 sec timeout
*Sep 19 18:44:14.566: RADIUS: Received from id 1645/106 10.106.39.253:1645, Access-Accept, len 52

 

! Receiving an Access-Accep from Radius Server


*Sep 19 18:44:14.566: RADIUS: authenticator C0 0D 6C 33 F1 A3 04 27 - F0 C2 76 F5 54 FD E2 42
*Sep 19 18:44:14.566: RADIUS: Class [25] 32
*Sep 19 18:44:14.566: RADIUS: 4A 83 05 60 00 00 01 37 00 01 0A 6A 27 FD 01 D2 12 2E 98 D0 4F B0 00 00 00 00 00 00 00 14 [ J`7j'.O]
*Sep 19 18:44:14.566: RADIUS(00000088): Received from id 1645/106
*Sep 19 18:44:14.566: ppp76 PPP: Phase is FORWARDING, Attempting Forward
*Sep 19 18:44:14.568: [76]PPPoE 63: State LCP_NEGOTIATION Event SSS CONNECT LOCAL
*Sep 19 18:44:14.568: [76]PPPoE 63: Segment (SSS class): UPDATED
*Sep 19 18:44:14.568: [76]PPPoE 63: Segment (SSS class): BOUND
*Sep 19 18:44:14.568: [76]PPPoE 63: data path set to Virtual Acess
*Sep 19 18:44:14.569: [76]PPPoE 63: State LCP_NEGOTIATION Event SSM UPDATED
*Sep 19 18:44:14.569: Vi2.1 PPP: Phase is AUTHENTICATING, Authenticated User
*Sep 19 18:44:14.569: Vi2.1 PAP: O AUTH-ACK id 78 len 5
*Sep 19 18:44:14.569: Vi2.1 PPP: Reducing MTU to peer's MRU
*Sep 19 18:44:14.569: [76]PPPoE 63: AAA get dynamic attrs
*Sep 19 18:44:14.569: Vi2.1 PPP: Phase is UP
*Sep 19 18:44:14.569: Vi2.1 IPCP: Protocol configured, start CP. state[Initial]
*Sep 19 18:44:14.569: Vi2.1 IPCP: Event[OPEN] State[Initial to Starting]
*Sep 19 18:44:14.569: Vi2.1 IPCP: O CONFREQ [Starting] id 1 len 10
*Sep 19 18:44:14.569: Vi2.1 IPCP: Address 192.168.1.1 (0x0306C0A80101)
*Sep 19 18:44:14.569: Vi2.1 IPCP: Event[UP] State[Starting to REQsent]
*Sep 19 18:44:14.569: [76]PPPoE 63: State PTA_BINDING Event STATIC BIND RESPONSE
*Sep 19 18:44:14.569: [76]PPPoE 63: Connected PTA
<snip>
*Sep 19 18:44:14.572: Vi2.1 IPCP: Event[Receive ConfReq+] State[ACKrcvd to Open]
*Sep 19 18:44:14.595: Vi2.1 IPCP: State is Open
*Sep 19 18:44:14.595: PPPoE : ipfib_encapstr prepared
*Sep 19 18:44:14.596: Vi2.1 Added to neighbor route AVL tree: topoid 0, address 192.168.1.2
*Sep 19 18:44:14.596: Vi2.1 IPCP: Install route to 192.168.1.2

! Installing route to PPPoE client

BRAS#sh caller ip
Line User IP Address Local Number Remote Number <->
Vi2.1 cisco 192.168.1.2 - - in
BRAS# ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

疑難排解

目前尚無適用於此組態的具體疑難排解資訊。但是，我們可以在相關調試的幫助下應用與PPP和PPPoE相關的標準故障排除技術。

相關資訊

• 技術支援與文件 - Cisco Systems