Scribd
Upload
64 views4 pages

PPPoE-CONF ENCONTRADA NA NET

This document contains configuration settings for a BRAS router. It defines AAA authentication and accounting using RADIUS, sets up interfaces including a PPPoE interface, configures routing and ACLs, and defines the RADIUS server settings.

Uploaded by

Fábio Farias
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
64 views4 pages

PPPoE-CONF ENCONTRADA NA NET

This document contains configuration settings for a BRAS router. It defines AAA authentication and accounting using RADIUS, sets up interfaces including a PPPoE interface, configures routing and ACLs, and defines the RADIUS server settings.

Uploaded by

Fábio Farias
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

version 15.

4
service timestamps debug datetime msec
service timestamps log datetime msec
no service dhcp
no platform punt-keepalive disable-kernel-core
platform hardware throughput level 5000000
!
hostname BRAS_2
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$zmQx$o9m4DE91f4eA3ZQdHKzYu.
!
aaa new-model
!
!
aaa group server radius RADIUS_BRAS
server name RADIUS_SERV_1
!
aaa authentication login default local
aaa authentication login PPPoE_LIST group RADIUS_BRAS
aaa authentication ppp default local
aaa authentication ppp PPPoE_LIST group RADIUS_BRAS
aaa authorization network default group RADIUS_BRAS
aaa authorization network PPPoE_LIST group RADIUS_BRAS
aaa authorization subscriber-service default local group RADIUS_BRAS
aaa accounting network PPPoE_LIST start-stop group RADIUS_BRA
!
!
!
!
aaa server radius dynamic-author
client 172.19.1.10
auth-type any
!
aaa session-id common
aaa policy interface-config allow-subinterface
!
transport-map type persistent webui WEB_INT
server
secure-server
!

no ip domain lookup
ip domain name x.net

ip dhcp relay information option


ip dhcp relay information trust-all
!
!

!
!
subscriber service password service
no subscriber templating
virtual-profile virtual-template 10
!
multilink virtual-template 10
multilink bundle-name authenticated
!

!
license udi pid ASR1002-X sn JAE181701N9
license accept end user agreement
license boot level advipservices
archive
log config
logging enable
logging size 300
spanning-tree extend system-id
!
!
redundancy
mode sso
!

!
cdp run
!
class-map type control match-any PPPoE_CM
match service-name PPPoE_SRV
!
policy-map type control PPPoE
class type control PPPoE_CM event service-start
10 service-policy type service identifier service-name
!
class type control always event session-start
10 authenticate aaa list PPPoE_AUTHEN
!
!
!
policy-map 1M_IN
class class-default
police 1000000 1000000
policy-map 1M_OUT
class class-default
police 1000000 1000000
!

bba-group pppoe BBA_PPPoE


virtual-template 10
!
bba-group pppoe TEST_PPPoE
virtual-template 20
sessions per-vc limit 8
sessions per-mac limit 2
sessions per-vlan limit 50
!
!
interface Loopback10
ip address x.x.138.1 255.255.255.0
!
interface Loopback20
ip address 192.168.5.1 255.255.255.255
!
interface Loopback2000
no ip address
!
interface GigabitEthernet0/0/0
no ip address
speed 1000
no negotiation auto
!
interface GigabitEthernet0/0/0.2011
ip unnumbered Loopback2000
!
interface GigabitEthernet0/0/0.2056
encapsulation dot1Q 2056
pppoe enable group BBA_PPPoE
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.1
encapsulation dot1Q 1 native
ip address x.x.161.7 255.255.255.240
ip access-group OUTSIDE in
!
interface GigabitEthernet0/0/1.511
encapsulation dot1Q 511
ip address 172.19.1.5 255.255.255.0
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/3
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/4
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/5
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
ip address 10.0.99.102 255.255.255.0
negotiation auto
!
interface Virtual-Template10
ip unnumbered Loopback10
no ip redirects
peer default ip address pool STATIC
ppp authentication chap PPPoE_LIST
ppp authorization PPPoE_LIST
ppp accounting PPPoE_LIST
ppp ipcp dns x.x.161.20 x.x.161.30
!
router ospf 1
router-id x.x.161.7
shutdown
network x.x.161.0 0.0.0.15 area 0
!
ip local pool STATIC x.x.138.2 x.x.138.254
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 x.x.161.5
ip route x.x..23.99 255.255.255.255 x.x.161.5
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.0.99.254
!
permit ip any any
ip access-list extended OUTSIDE
permit ip any host x.x.161.7
permit ip any x.x.138.0 0.0.0.255
deny ip any any
!
ip radius source-interface GigabitEthernet0/0/1.511

access-list 23 permit x.x..47.26


access-list 23 permit x.x..23.96 0.0.0.15
access-list 23 permit x.x.161.0 0.0.0.255

!
!
!
radius-server attribute 44 include-in-access-req default-vrf
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 32 include-in-access-req
radius-server attribute 32 include-in-accounting-req
radius-server attribute 55 include-in-acct-req
radius-server attribute 55 access-request include
radius-server attribute 4 172.19.1.5
!
radius server RADIUS_SERV_1
address ipv4 172.19.1.10 auth-port 1812 acct-port 1813
key xxxxxxxxxxxx
!

You might also like