Many internet services providers ( ISP) use a Point-to-Point Protocol over Ethernet (PPPoE) connection for their users. This type of connection helps them save their valuable IP address source because users' IP address are on-demand; automatically provided by ISPs. That is, those IP addresses are not fixed, and can be easily reused. Moreover, using this technology allows the providers authenticate end users with the access control function, perform accounting, and monitor users' behaviors to ensure security.
The following figure is a typical model for PPPoE setup.
A connection is established between Router A and Router B, which are PPPoE client and PPPoE Server correspondingly. This connection (point-to-point protocol) uses an account which is provided by the ISP, and have PAP and/or CHAP security method.
For example, assume we want to setup a PPPoE connection to have an internet access. We have a SRX device and we know the account to connect to the ISP.
So after having fe-0/0/7 as the interface connecting to the internet line, we'll configure a virtual interface (logical interface) pp0 playing as PPPoE client port.
set interfaces fe-0/0/7 unit 0 encapsulation ppp-over-ether
set interfaces pp0 unit 0 ppp-options chap default-chap-secret <PASSWORD>Don't forget to configure a default route to this interface and add it to a zone.
set interfaces pp0 unit 0 ppp-options chap local-name <USERNAME>
set interfaces pp0 unit 0 ppp-options chap passive
set interfaces pp0 unit 0 pppoe-options underlying-interface fe-0/0/7.0
set interfaces pp0 unit 0 pppoe-options idle-timeout 0
set interfaces pp0 unit 0 pppoe-options auto-reconnect 3
set interfaces pp0 unit 0 pppoe-options client
set interfaces pp0 unit 0 family inet mtu 1492
set interfaces pp0 unit 0 family inet negotiate-address
set routing-options static route 0.0.0.0/0 next-hop pp0.0
set security zones security-zone untrust interfaces pp0.0
Done! After having all the configurations, we should now have an internet connection.
Troubleshooting
show ppp statistics
show pppoe statistics
show interfaces pp0
Note that some ISPs store your old modem device's MAC address in their PPPoE device, so you might have to ask them to reboot their device to receive your new MAC.
No comments:
Post a Comment