PPPoE server configuration example
Network requirements
As shown in Figure 12, Host A and Host B act as PPPoE clients and run PPPoE client dialup software. The Router acts as the PPPoE server, performing local authentication and assigning IP addresses to the users.
The Router provides Internet access for Host A and Host B through Ethernet 1/1. It connects to the Internet through Serial 2/0.
Figure 12: Network diagram
Configuration procedure
Configure CHAP authentication:
# Add a PPPoE user.
<Router> system-view [Router] local-user user1 [Router-luser-user1] password simple pass1 [Router-luser-user1] service-type ppp [Router-luser-user1] quit
# Configure virtual-template 1 on the Router.
[Router] interface virtual-template 1 [Router-Virtual-Template1] ppp authentication-mode chap domain system [Router-Virtual-Template1] ppp chap user user1 [Router-Virtual-Template1] remote address pool 1 [Router-Virtual-Template1] ip address 1.1.1.1 255.0.0.0 [Router-Virtual-Template1] quit
# Configure PPPoE server on the Router.
[Router] interface ethernet 1/1 [Router-Ethernet1/1] pppoe-server bind virtual-template 1 [Router-Ethernet1/1] quit
# Configure local authentication for the users in the default ISP domain system.
[Router] domain system [Router-isp-system] authentication ppp local
# Add a local IP address pool that contains nine IP addresses.
[Router-isp-system] ip pool 1 1.1.1.2 1.1.1.10
Configure MS-CHAP authentication:
# Add a PPPoE user.
<Router> system-view [Router] local-user user1 [Router-luser-user1] password simple pass1 [Router-luser-user1] service-type ppp [Router-luser-user1] quit
# Configure virtual-template 1 on the Router.
[Router] interface virtual-template 1 [Router-Virtual-Template1] ppp authentication-mode ms-chap domain system [Router-Virtual-Template1] remote address pool 1 [Router-Virtual-Template1] ip address 1.1.1.1 255.0.0.0 [Router-Virtual-Template1] quit
# Configure the PPPoE server on the Router.
[Router] interface ethernet 1/1 [Router-Ethernet1/1] pppoe-server bind virtual-template 1 [Router-Ethernet1/1] quit
# Configure local authentication for the users in the default ISP domain system.
[Router] domain system [Router-isp-system] authentication ppp local
# Add a local IP address pool that contains nine IP addresses.
[Router-isp-system] ip pool 1 1.1.1.2 1.1.1.10
Verifying the configuration
After the configuration, Host A and Host B can access the Internet using the username user1 and password pass1 through the Router if they have PPPoE client software installed.
If you specify the authentication scheme as radius-scheme or hwtacacs-scheme by using the authentication ppp command, you must configure RADIUS/HWTACACS settings to enable AAA. For more information, see HPE FlexNetwork MSR Router Series Comware 5 Security Configuration Guide.