Scribd
Upload
46 views

PPPoE-CONF ENCONTRADA NA NET

This document contains configuration settings for a BRAS router. It defines AAA authentication and accounting using RADIUS, sets up interfaces including a PPPoE interface, configures routing and ACLs, and defines the RADIUS server settings.

Uploaded by

Fábio Farias
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
46 views

PPPoE-CONF ENCONTRADA NA NET

This document contains configuration settings for a BRAS router. It defines AAA authentication and accounting using RADIUS, sets up interfaces including a PPPoE interface, configures routing and ACLs, and defines the RADIUS server settings.

Uploaded by

Fábio Farias
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 4

version 15.

4
service timestamps debug datetime msec
service timestamps log datetime msec
no service dhcp
no platform punt-keepalive disable-kernel-core
platform hardware throughput level 5000000
!
hostname BRAS_2
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable secret 5 $1$zmQx$o9m4DE91f4eA3ZQdHKzYu.
!
aaa new-model
!
!
aaa group server radius RADIUS_BRAS
server name RADIUS_SERV_1
!
aaa authentication login default local
aaa authentication login PPPoE_LIST group RADIUS_BRAS
aaa authentication ppp default local
aaa authentication ppp PPPoE_LIST group RADIUS_BRAS
aaa authorization network default group RADIUS_BRAS
aaa authorization network PPPoE_LIST group RADIUS_BRAS
aaa authorization subscriber-service default local group RADIUS_BRAS
aaa accounting network PPPoE_LIST start-stop group RADIUS_BRA
!
!
!
!
aaa server radius dynamic-author
client 172.19.1.10
auth-type any
!
aaa session-id common
aaa policy interface-config allow-subinterface
!
transport-map type persistent webui WEB_INT
server
secure-server
!

no ip domain lookup
ip domain name x.net

ip dhcp relay information option


ip dhcp relay information trust-all
!
!

!
!
subscriber service password service
no subscriber templating
virtual-profile virtual-template 10
!
multilink virtual-template 10
multilink bundle-name authenticated
!

!
license udi pid ASR1002-X sn JAE181701N9
license accept end user agreement
license boot level advipservices
archive
log config
logging enable
logging size 300
spanning-tree extend system-id
!
!
redundancy
mode sso
!

!
cdp run
!
class-map type control match-any PPPoE_CM
match service-name PPPoE_SRV
!
policy-map type control PPPoE
class type control PPPoE_CM event service-start
10 service-policy type service identifier service-name
!
class type control always event session-start
10 authenticate aaa list PPPoE_AUTHEN
!
!
!
policy-map 1M_IN
class class-default
police 1000000 1000000
policy-map 1M_OUT
class class-default
police 1000000 1000000
!

bba-group pppoe BBA_PPPoE


virtual-template 10
!
bba-group pppoe TEST_PPPoE
virtual-template 20
sessions per-vc limit 8
sessions per-mac limit 2
sessions per-vlan limit 50
!
!
interface Loopback10
ip address x.x.138.1 255.255.255.0
!
interface Loopback20
ip address 192.168.5.1 255.255.255.255
!
interface Loopback2000
no ip address
!
interface GigabitEthernet0/0/0
no ip address
speed 1000
no negotiation auto
!
interface GigabitEthernet0/0/0.2011
ip unnumbered Loopback2000
!
interface GigabitEthernet0/0/0.2056
encapsulation dot1Q 2056
pppoe enable group BBA_PPPoE
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.1
encapsulation dot1Q 1 native
ip address x.x.161.7 255.255.255.240
ip access-group OUTSIDE in
!
interface GigabitEthernet0/0/1.511
encapsulation dot1Q 511
ip address 172.19.1.5 255.255.255.0
!
interface GigabitEthernet0/0/2
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/3
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/4
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/0/5
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
ip address 10.0.99.102 255.255.255.0
negotiation auto
!
interface Virtual-Template10
ip unnumbered Loopback10
no ip redirects
peer default ip address pool STATIC
ppp authentication chap PPPoE_LIST
ppp authorization PPPoE_LIST
ppp accounting PPPoE_LIST
ppp ipcp dns x.x.161.20 x.x.161.30
!
router ospf 1
router-id x.x.161.7
shutdown
network x.x.161.0 0.0.0.15 area 0
!
ip local pool STATIC x.x.138.2 x.x.138.254
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 x.x.161.5
ip route x.x..23.99 255.255.255.255 x.x.161.5
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.0.99.254
!
permit ip any any
ip access-list extended OUTSIDE
permit ip any host x.x.161.7
permit ip any x.x.138.0 0.0.0.255
deny ip any any
!
ip radius source-interface GigabitEthernet0/0/1.511

access-list 23 permit x.x..47.26


access-list 23 permit x.x..23.96 0.0.0.15
access-list 23 permit x.x.161.0 0.0.0.255

!
!
!
radius-server attribute 44 include-in-access-req default-vrf
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 32 include-in-access-req
radius-server attribute 32 include-in-accounting-req
radius-server attribute 55 include-in-acct-req
radius-server attribute 55 access-request include
radius-server attribute 4 172.19.1.5
!
radius server RADIUS_SERV_1
address ipv4 172.19.1.10 auth-port 1812 acct-port 1813
key xxxxxxxxxxxx
!

You might also like