ensp_PPPOE、NAT、DHCP服务器搭建
0x0 拓扑图
- 需求
- PPPOE服务器为设置202.100.1.2/24
- 要求客户端可以使用PPPOE服务获取IP
- 要求使用chap认证
- 每个局域网使用DHCP服务获取IP
- 再局域网出口做一个NAT地址转换,使用公网地址对外网进行转换
0x1 指令配置
- PPPOE Server
ip pool pppoe network 202.100.1.0 mask 255.255.255.0 excluded-ip-address 202.100.1.2 dns-list 8.8.8.8 local-user lcy2218 password cipher 2218 local-user lcy2218 service-type ppp interface Virtual-Template1 remote address pool pppoe ppp authentication-mode chap ip address 202.100.1.2 255.255.255.0 interface GigabitEthernet0/0/0 pppoe-server bind Virtual-Template 1 interface LoopBack1 ip address 9.9.9.9 255.255.255.0 - PPPOE Client1
dhcp enable ip pool dhcp_pool //内网DHCP地址池 gateway-list 192.168.1.254 network 192.168.1.0 mask 255.255.255.0 dns-list 8.8.8.8 interface GigabitEthernet0/0/1 ip address 192.168.1.254 255.255.255.0 //内网网关 dhcp select global acl number 2000 //内网上公网使用easy ip rule 5 permit source 192.168.1.0 0.0.0.255 ip route-static 0.0.0.0 0.0.0.0 202.100.1.2 //静态路由 interface Dialer1 link-protocol ppp //使用PPP协议 ppp chap user lcy2218 ppp chap password cipher 2218 ip address ppp-negotiate //拨号接口地址从pppoe的服务器写上得到 dialer user lcy2218 //标识 dialer bundle 1 // #指定dialer 1 接口的编号 nat outbound 2000 dialer-rule dialer-rule 1 ip permit interface GigabitEthernet0/0/0//#将pppoe拨号接口绑定到出接口 pppoe-client dial-bundle-number 1 - PPPOE Client2
dhcp enable ip pool dhcp_pool gateway-list 192.168.2.254 network 192.168.2.0 mask 255.255.255.0 dns-list 114.114.114.114 interface GigabitEthernet0/0/1 ip address 192.168.1.254 255.255.255.0 dhcp select global ip route-static 0.0.0.0 0.0.0.0 202.100.1.2 acl number 2000 rule 5 permit source 192.168.2.0 0.0.0.255 interface Dialer1 link-protocol ppp ppp chap user lcy2219 ppp chap password cipher 2219 ip address ppp-negotiate dialer user lcy2219 dialer bundle 1 nat outbound 2000 dialer-rule dialer-rule 1 ip permit interface GigabitEthernet0/0/0 pppoe-client dial-bundle-number 1
0x2 连通性配置
- client1拨号上网
-
PC2 获取地址
- PC2 访问回环地址9.9.9.9
