cisco asr pppoe

1. !
2. ! Last configuration change at 12:18:46 MSK Tue Apr 25 2017
3. !
4. version 15.5
5. service timestamps debug datetime msec
6. service timestamps log datetime msec
7. service password-encryption
8. no platform punt-keepalive disable-kernel-core
9. !
10. hostname asr
11. !
12. boot-start-marker
13. boot system flash bootflash:asr1001x-universalk9.03.16.03.S.155-3.S3-ext.SPA.bin
14. boot-end-marker
15. !
16. !
17. vrf definition Mgmt-intf
18. !
19. address-family ipv4
20. exit-address-family
21. !
22. address-family ipv6
23. exit-address-family
24. !
25. logging buffered 32768
26. enable password 7 XXXXXXXXXXXXX
27. !
28. aaa new-model
29. !
30. !
31. aaa group server radius PPPoE
32. server-private 10.100.236.163 auth-port 1812 acct-port 1813 key 7 XXXXXXXXXXXXXXXXX
33. !
34. aaa authentication login default local
35. aaa authentication ppp PPPoE group PPPoE
36. aaa authorization network PPPoE group PPPoE
37. aaa authorization subscriber-service PPPoE group PPPoE
38. aaa accounting delay-start
39. aaa accounting update periodic 5
40. aaa accounting network PPPoE start-stop group PPPoE
41. !
42. aaa nas port extended
43. !
44. !
45. !
46. aaa server radius dynamic-author
47. client 10.100.236.163 server-key 7 XXXXXXXXXXX
48. server-key 7 XXXXXXXXXXXXXX
49. auth-type any
50. !
51. aaa session-id common
52. aaa policy interface-config allow-subinterface
53. clock timezone MSK 3 0
54. !
55. !
56. !
57. !
58. !
59. !
60.  
61.  
62. ip name-server 8.8.8.8
63.  
64. !
65. !
66. !
67. !
68. !
69. !
70. !
71. !
72. !
73. !
74. subscriber templating
75. subscriber authorization enable
76. multilink bundle-name authenticated
77. !
78. !
79. username admin privilege 15 password 7 XXXXXXXXXXXXXXX
80. !
81. redundancy
82. mode none
83. !
84. !
85. !
86. !
87. !
88. !
89. bba-group pppoe PPPoE
90. virtual-template 1
91. sessions per-mac limit 2
92. sessions auto cleanup
93. !
94. !
95. !
96. interface Loopback0
97. ip address 10.0.0.1 255.255.255.255
98. !
99. interface Loopback1
100. no ip address
101. !
102. interface TenGigabitEthernet0/0/0
103. no ip address
104. !
105. interface TenGigabitEthernet0/0/0.24
106. encapsulation dot1Q 24
107. ip address 10.100.216.254 255.255.255.0
108. !
109. interface TenGigabitEthernet0/0/0.436
110. encapsulation dot1Q 436
111. ip address 10.100.236.104 255.255.255.0
112. !
113. interface TenGigabitEthernet0/0/0.1416
114. encapsulation dot1Q 1416
115. ip address XXX.XXX.18.189 255.255.255.248
116. ip nat outside
117. !
118. interface TenGigabitEthernet0/0/1
119. no ip address
120. shutdown
121. !
122. !
123. interface GigabitEthernet0/0/3
124. no ip address
125. negotiation auto
126. pppoe enable group PPPoE
127. ip subscriber interface
128. !
129.  
130. !
131. interface GigabitEthernet0
132. vrf forwarding Mgmt-intf
133. no ip address
134. shutdown
135. negotiation auto
136. !
137. interface Virtual-Template1
138. mtu 1492
139. ip unnumbered Loopback0
140. no ip redirects
141. no ip unreachables
142. no ip proxy-arp
143. ip nat inside
144. ip tcp adjust-mss 1420
145. no peer default ip address
146. ppp authentication chap ms-chap-v2 callin PPPoE
147. ppp authorization PPPoE
148. ppp accounting PPPoE
149. ppp ipcp dns 8.8.8.8
150. ppp ipcp address required
151. ppp timeout idle 3600
152. !
153. !
154. ip nat pool NATPOOL XXX.XXX.18.189 XXX.XXX.18.189 netmask 255.255.255.0
155. ip nat inside source list 100 pool NATPOOL
156. ip forward-protocol nd
157.  
158.  
159. no ip http server
160. no ip http secure-server
161. ip tftp source-interface GigabitEthernet0
162. ip route 0.0.0.0 0.0.0.0 XXX.XXX.18.185
163. ip ssh version 2
164. !
165. !
166. access-list 100 permit ip 10.0.0.0 0.255.255.255 any
167. access-list 100 permit ip 172.16.0.0 0.15.255.255 any
168. access-list 100 permit ip 192.168.0.0 0.0.255.255 any
169. !
170. !
171. !
172. radius-server attribute nas-port format e UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
173. radius-server key 7 XXXXXXXXXXXXXXXXX
174. radius-server vsa send cisco-nas-port
175. !
176. radius server BILLRADIUS
177. key 7 XXXXXXXXXXXX