 |
|
|
|
|
|
|
|
|
|
» Forum |
|
 |
 |
  |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
 |
 |
 |
 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
PPPoE server |
 | |
» Products | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
 |
|
How to Install & Configure a PPPoE serverPPPoE Server Installation: PrefacePPPoE (Point-to-Point Protocol over Ethernet) is a network protocol for encapsulating PPP frames in Ethernet frames. Just as pptp, it allows organizing subscriber network access by using authorization, encryption, compression etc. For providing access via PPPoE it is required a PPPoE network access server (NAS) and a subscriber’s unit (PPPoE client). In this guide as a PPPoE network access server it is used a freeware packet rp-pppoe working in kernel mode on Gentoo Linux (rp-pppoe project web-page: http://www.roaringpenguin.com/penguin/open_source_rp-pppoe.php). As a client it is used a Microsoft Windows 2003 based PC and raspppoe packet (raspppoe packet project web-page: http://www.raspppoe.com/). Authorization of subscribers is carried out via RADIUS protocol by using a joint repository of subscriber information in the ISP billing system "UTM 5" developed by NetUP. PPPoE Network Access Server Installation & ConfigurationFor setting up a server it is necessary to install pppd packages supporting RADIUS protocol and rp-pppoe. In order to install pppd, add a string net-dialup/ppp radius in the file /etc/portage/package.use. After that perform installation by using the command: emerge ppp After installation it is necessary to edit configuration files. In particular, in the file /etc/ppp/radius/radiusclient.conf it is important to define the variables authserver and acctserver correctly. In these fields it should be indicated a domain name or IP-address of the RADIUS server (utm5_radius process). Example: authserver localhost: 1812 For correct authorization and accounting via RADIUS protocol it is necessary to define a secret word in the file /etc/ppp/radius/servers. Example: localhost secret After that install the package rp-pppoe by using the command: emerge rp-pppoe For correct work of rp-pppoe in the kernel mode put the following string in the file /etc/ppp/pppoe.conf: LINUX_PLUGIN=rp-pppoe.so Additionally, in the file /etc/ppp/pppoe-server-options it is necessary to set the following: require-chap require-mschap-v2 proxyarp nologfd plugin radius.so According to these settings secure authorization protocols CHAP and MSCHAPv2 are allowed. It is also defined that the radius.so plug-in should be loaded for working with RADIUS protocol. Before starting the server, load the Linux kernel module by using the command: modprobe pppoe In order to load the module automatically on start-up of the operating system it is necessary to add the string pppoe in the file /etc/modules.autoload.d/kernel-2.6. If an error of the module absence in the system appears then it is necessary to set the following option for compilation of the Linux kernel: <M> PPP over Ethernet After the module has been loaded, it is possible to start the server by using the command: pppoe-server –k The PPPoE server configuration is now complete. PPPoE client installation & configurationFor setting up a subscriber’s PC it is necessary to download and unpack the raspppoe package from the web-site of the developer. As a result you should have the RASPPPOE_099 folder. For installation it is necessary to enter “Control panel"->"Network Connections" and in properties of any connection select “Install …" –> “Protocol" -> “Have Disk …"-> "Browse …". Set a path to the RASPPPOE_099 folder and select the file RASPPPOE.INF. Press “OK" when the system offers installing “PPP over Ethernet Protocol". After the protocol installation has been finished, it is possible to start RASPPPOE.EXE from the RASPPPOE_099 folder. In the menu select «Ethernet adapter connected to the local network» and press "Query Available Services". After a short search, found PPPoE servers are shown (figure 1).
 Figure 1. Search of available PPPoE servers in a local area network Select a PPPoE server and press "Create a Dial-Up Connection for the selected Service". As a result, in the Windows OS it shouldappear "Connection to zavidovo". For establishing the connection go to "Control panel"->"Network Connections" and click twice on the connection icon. Enter your login and password and press "Dial" (figure 2).
 Figure 2. Establishing PPPoE connection with a server Debugging and TestingPPPoE server messages are recorded in the file /var/log/messages. Below there is a part of the file in case of successful subscriber authorization: Oct 7 22:27:29 zavidovo pppoe-server[18595]: Session 10 created for client 00:80:48:30:4b:f8 (10.67.15.10) on eth0 using Service-Name ‘’ Oct 7 22:27:29 zavidovo pppd[18595]: Plugin /etc/ppp/plugins/rp-pppoe.so loaded. Oct 7 22:27:29 zavidovo pppd[18595]: RP-PPPoE plugin version 3.3 compiled against pppd 2.4.3 Oct 7 22:27:29 zavidovo pppd[18595]: Plugin radius.so loaded. Oct 7 22:27:29 zavidovo pppd[18595]: RADIUS plugin initialized. Oct 7 22:27:29 zavidovo pppd[18595]: pppd 2.4.3 started by root, uid 0 Oct 7 22:27:29 zavidovo pppd[18595]: using channel 66 Oct 7 22:27:29 zavidovo pppd[18595]: Using interface ppp0 Oct 7 22:27:29 zavidovo pppd[18595]: Connect: ppp0 <--> eth0
Oct 7 22:27:29 zavidovo pppd[18595]: sent [LCP ConfReq id=0x1
Oct 7 22:27:29 zavidovo pppd[18595]: rcvd [LCP ConfReq id=0x0
Oct 7 22:27:29 zavidovo pppd[18595]: sent [LCP ConfRej id=0x0
Oct 7 22:27:29 zavidovo pppd[18595]: rcvd [LCP ConfReq id=0x1
Oct 7 22:27:29 zavidovo pppd[18595]: sent [LCP ConfAck id=0x1
Oct 7 22:27:32 zavidovo pppd[18595]: sent [LCP ConfReq id=0x1
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [LCP ConfAck id=0x1 Oct 7 22:27:32 zavidovo pppd[18595]: sent [CHAP Challenge id=0x47 <139c175d3a37a56422dd83540583188f38a8c8>, name = “net11”] Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [LCP Ident id=0x2 magic=0x19595f15 “MSRASV5.20”] Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [LCP Ident id=0x3 magic=0x19595f15 “MSRAS-0-MONDIALE”]
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [CHAP Response id=0x47 Oct 7 22:27:32 zavidovo pppd[18595]: sent [CHAP Success id=0x47 “”] Oct 7 22:27:32 zavidovo pppd[18595]: peer from calling number 00:80:48:30:4B:F8 authorized
Oct 7 22:27:32 zavidovo pppd[18595]: sent [IPCP ConfReq id=0x1
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [CCP ConfReq id=0x4 Oct 7 22:27:32 zavidovo pppd[18595]: sent [CCP ConfReq id=0x1]
Oct 7 22:27:32 zavidovo pppd[18595]: sent [CCP ConfRej id=0x4
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [IPCP ConfReq id=0x5
Oct 7 22:27:32 zavidovo pppd[18595]: sent [IPCP ConfRej id=0x5
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [IPCP ConfAck id=0x1 Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [CCP ConfAck id=0x1] Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [CCP TermReq id=0x6 19 59 5f 15 00 3c cd 74 00 00 02 dc] Oct 7 22:27:32 zavidovo pppd[18595]: sent [CCP TermAck id=0x6]
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [IPCP ConfReq id=0x7
Oct 7 22:27:32 zavidovo pppd[18595]: sent [IPCP ConfNak id=0x7
Oct 7 22:27:32 zavidovo pppd[18595]: rcvd [IPCP ConfReq id=0x8
Oct 7 22:27:32 zavidovo pppd[18595]: sent [IPCP ConfAck id=0x8 Oct 7 22:27:32 zavidovo pppd[18595]: Cannot determine ethernet address for proxy ARP Oct 7 22:27:32 zavidovo pppd[18595]: local IP address 10.0.0.1 Oct 7 22:27:32 zavidovo pppd[18595]: remote IP address 172.16.0.102 Oct 7 22:27:32 zavidovo pppd[18595]: Script /etc/ppp/ip-up started (pid 18608) Oct 7 22:27:32 zavidovo pppd[18595]: Script /etc/ppp/ip-up finished (pid 18608), status = 0x1 As a result of successful authorization utm5_radius gives out IP-address 172.16.0.102 for a subscriber. RADIUS server functioning is recorded to the file /netup/utm5/log/radius_main.log. Below there is an extract from the file in case of successful authorization of a subscriber:
?Debug : Oct 07 22:27:32 AuthServer: User
?Debug : Oct 07 22:27:32 AuthServer: Session for sessionid
?Debug : Oct 07 22:27:32 RADIUS DBA: Info for login ?Debug : Oct 07 22:27:32 AuthServer: Auth scheme: CHAP ?Debug : Oct 07 22:27:32 AuthServer: CHAP: Challenge size: 19
?Debug : Oct 07 22:27:32 AuthServer: CHAP: Authorized user ?Debug : Oct 07 22:27:32 AuthServer: IP claimed: 0xac100066 (<172.16.0.102>) ?Debug : Oct 07 22:27:32 AuthServer: Calling fill radius attributes for service. Attr storage size <0> ?Debug : Oct 07 22:27:32 AuthServer: Calling fill radius attributes for slink. Attr storage size <0> ?Debug : Oct 07 22:27:32 AuthServer: Calling fill radius attributes for NAS. Attr storage size <0>
Notice: Oct 07 22:27:32 AuthServer: Login OK
Notice: Oct 07 22:27:32 AuthServer: Login OK ?Debug : Oct 07 22:27:32 AuthServer: Setting interim update interval from config On successful authorization, on the server it is created a dedicated interface for the current subscriber: ppp0 Link encap:Point-to-Point Protocol inet addr:10.0.0.1 P-t-P:172.16.0.102 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 RX packets:9 errors:0 dropped:0 overruns:0 frame:0 TX packets:9 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:133 (133.0 b) TX bytes:115 (115.0 b)
The article is protected by International Copyright Laws,
and may not be copied, reprinted or published |
|
|
