Powered by Blogger.

Juniper SRX - Configuring PPPoE

Within this article the necessary steps required to configure PPPoE on the SRX platform are described.

Note : This configuration is based upon a) the chap authentication method b) the outside/untrust interface being fe-0/0/7.0.


Below shows the required configuration for PPPoE.

set interfaces fe-0/0/7 unit 0 encapsulation ppp-over-ether

set interfaces pp0 unit 0 ppp-options chap default-chap-secret <PASSWORD>
set interfaces pp0 unit 0 ppp-options chap local-name <USERNAME>
set interfaces pp0 unit 0 ppp-options chap passive

set interfaces pp0 unit 0 pppoe-options underlying-interface fe-0/0/7.0
set interfaces pp0 unit 0 pppoe-options idle-timeout 0
set interfaces pp0 unit 0 pppoe-options auto-reconnect 3
set interfaces pp0 unit 0 pppoe-options client

set interfaces pp0 unit 0 family inet mtu 1492
set interfaces pp0 unit 0 family inet negotiate-address

set routing-options static route next-hop pp0.0
set security zones security-zone untrust interfaces pp0.0



The following commands are used to display ppp and pppoe statistics.

root@srx100> show ppp statistics
Session statistics from PPP process
Total sessions: 1
Sessions in disabled phase    : 0
Sessions in establish phase   : 0
Sessions in authenticate phase: 0
Sessions in network phase     : 1
Bundles in pending phase      : 0

root@srx100> show pppoe statistics
Active PPPoE sessions: 1
PacketType                       Sent         Received
PADI                              2                0
PADO                              0                2
PADR                              2                0
PADS                              0                2
PADT                              0                0
Service name error                0                0
AC system error                   0                0
Generic error                     0                0
Malformed packets                 0                0
Unknown packets                   0                0
PADI                              0
PADO                              0
PADR                              0

Interface Information

The following command is used to display use information for the pp0 interface.

root@srx100# run show interfaces pp0
Physical interface: pp0, Enabled, Physical link is Up
Interface index: 128, SNMP ifIndex: 502
Type: PPPoE, Link-level type: PPPoE, MTU: 1532
Device flags   : Present Running
Interface flags: Point-To-Point SNMP-Traps
Link type      : Full-Duplex
Link flags     : None
Input packets : 0
Output packets: 0

Logical interface pp0.0 (Index 78) (SNMP ifIndex 532)
Flags: Point-To-Point SNMP-Traps 0x0 Encapsulation: PPPoE
State: SessionUp, Session ID: 6,
Session AC name: Vigor2000 PPPoE, Remote MAC address: xx:xx:xx:xx:xx:xx,
Configured AC name: None, Service name: None,
Auto-reconnect timeout: 30 seconds, Idle timeout: Never,
Underlying interface: fe-0/0/7.0 (Index 77)
Input packets : 1341
Output packets: 1153
Keepalive settings: Interval 10 seconds, Up-count 1, Down-count 3
Keepalive: Input: 5 (00:00:19 ago), Output: 26 (00:00:06 ago)
LCP state: Opened
NCP state: inet: Opened, inet6: Not-configured, iso: Not-configured, mpls: Not-configured
CHAP state: Success
PAP state: Closed
Security: Zone: untrust
Allowed host-inbound traffic : dns https ike ping ssh traceroute
Protocol inet, MTU: 1492
Flags: Sendbcast-pkt-to-re, User-MTU, Negotiate-Address
Addresses, Flags: Kernel Is-Preferred Is-Primary
Destination: x.x.x.x, Local: x.x.x.x
    Blogger Comment
    Facebook Comment