SnapOverflow

SnapOverflow Logo SnapOverflow Logo

SnapOverflow Navigation

  • Home
  • Server
  • Ubuntu

Mobile menu

Close
  • Home
  • System Administrators
    • Hot Questions
    • New Questions
    • Tags
  • Ubuntu
    • Hot Questions
    • New Questions
    • Tags
  • Help
Home / server / Questions / 573973
In Process
Myles Gray
Myles Gray
Asked: 2014-02-08 06:56:41 +0800 CST2014-02-08 06:56:41 +0800 CST 2014-02-08 06:56:41 +0800 CST

Cisco 1841 - Acting as a PPPoE terminator?

  • 772

We have 2x Fortigate 200B firewalls that we wish to operate in Active/Active HA mode - though, obviously, they cannot do this with PPPoE/DHCP enabled on the externally facing interfaces.

To overcome this we want to use a Cisco 1841 as a PPPoE terminator on its f0/1 interface and present a static IP on its f0/0 interface (we have done similar with Cisco 857 boxes to terminate RJ11 ADSL PPPoE connections and forward present on a FE interface in RJ45 for the 200Bs). This will allow us to set both 200Bs to manual and issue them the public IP address.

The general theory is to:

Unnumber the static route address against the LAN f0/0 side with the PPPoE virtual interface Dialer1.

So, we have this config (which works) on our Cisco 857s:

!Internally facing

interface Ethernet0
 ip address [ip.add.ress.here] 255.255.255.248
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 hold-queue 100 out

!Externally facing ADSL connection

interface ATM0
 no ip address
 atm vc-per-vp 64
 no atm ilmi-keepalive
 dsl operating-mode auto
 pvc 8/35 
  no oam-pvc manage
  pppoe-client dial-pool-number 1

!Virtual PPPoE interface

interface Dialer1
 ip unnumbered Ethernet0
 ip virtual-reassembly
  encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname [our username]
 ppp chap password 7 [our password]
 ppp pap sent-username [our username] password 7 [our password]
!
ip route 0.0.0.0 0.0.0.0 Dialer1

On our 1841 we have this:

! Internally Facing

interface FastEthernet0/0
 ip address [ip.add.ress.here] 255.255.255.248
 ip nat inside
 speed 100
 full-duplex

! Externally Facing

interface FastEthernet0/1
 no ip address
 speed 100
 full-duplex
 pppoe enable group global
 pppoe-client dial-pool-number 1

! Virtual PPPoE Interface

interface Dialer1
 mtu 1492
 ip unnumbered FastEthernet0/0
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer idle-timeout 0
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname [our username]
 ppp chap password 0 [our password]
 ppp pap sent-username [our username] password 0 [our password]
 no cdp enable
!
no ip classless
ip forward-protocol nd
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
dialer-list 1 protocol ip permit

But we don't seem to have any luck with this config, can anyone advise?

networking
  • 0 0 Answers
  • 1204 Views

0 Answers

  • Voted

Sidebar

Stats

  • Questions 681965
  • Answers 980273
  • Best Answers 280204
  • Users 287326
  • Popular
  • Answers
  • Marko Smith

    Can you pass user/pass for HTTP Basic Authentication in URL parameters?

    • 5 Answers
  • Marko Smith

    Ping a Specific Port

    • 18 Answers
  • Marko Smith

    Check if port is open or closed on a Linux server?

    • 7 Answers
  • Marko Smith

    How to automate SSH login with password?

    • 10 Answers
  • Marko Smith

    How do I tell Git for Windows where to find my private RSA key?

    • 30 Answers
  • Marko Smith

    What's the default superuser username/password for postgres after a new install?

    • 5 Answers
  • Marko Smith

    What port does SFTP use?

    • 6 Answers
  • Marko Smith

    Command line to list users in a Windows Active Directory group?

    • 9 Answers
  • Marko Smith

    What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

    • 3 Answers
  • Marko Smith

    How to determine if a bash variable is empty?

    • 15 Answers
  • Martin Hope
    Davie Ping a Specific Port 2009-10-09 01:57:50 +0800 CST
  • Martin Hope
    Smudge Our security auditor is an idiot. How do I give him the information he wants? 2011-07-23 14:44:34 +0800 CST
  • Martin Hope
    kernel Can scp copy directories recursively? 2011-04-29 20:24:45 +0800 CST
  • Martin Hope
    Robert ssh returns "Bad owner or permissions on ~/.ssh/config" 2011-03-30 10:15:48 +0800 CST
  • Martin Hope
    Eonil How to automate SSH login with password? 2011-03-02 03:07:12 +0800 CST
  • Martin Hope
    gunwin How do I deal with a compromised server? 2011-01-03 13:31:27 +0800 CST
  • Martin Hope
    Tom Feiner How can I sort du -h output by size 2009-02-26 05:42:42 +0800 CST
  • Martin Hope
    Noah Goodrich What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats? 2009-05-19 18:24:42 +0800 CST
  • Martin Hope
    Brent How to determine if a bash variable is empty? 2009-05-13 09:54:48 +0800 CST
  • Martin Hope
    cletus How do you find what process is holding a file open in Windows? 2009-05-01 16:47:16 +0800 CST

Related Questions

Trending Tags

linux nginx windows networking ubuntu domain-name-system amazon-web-services active-directory apache-2.4 ssh

Explore

  • Home
  • Questions
    • Hot Questions
    • New Questions
  • Tags
  • Help

Footer

SnapOverflow

About Us

  • About Us
  • Contact Us

Legal Stuff

  • Privacy Policy

Help

© 2022 SOF-TR. All Rights Reserve