As an engineer in ISP domain you have to know some of the important key points before
implement the PPPoE network in your organisation .As per as My recommendation this blog will
help you to know more about PPPoE services .Now a days there are all the radius company which is compatible to run the PPPoE services with Mikrotik .
I have given you the picture below of my network to run the PPPoE services .Here I am using this diagram .
Lets Start the configuration .
NOTE:---Whichever the IP address you are providing to the users after verifying the username and password please Don't configure any IP address in PPPoE interface from that subnet . So it's not recommended to configure the ip address in PPPoE interface .Because the ip will be thrown by Mikrotik NAS from the IP pool which you have assigned in the remote ip pool list of PPPoE profiles.
Here , I have a default IP pool in Mikrotik pool list and the users will get the ip address from that IP pool , But i have not configured any IP in my PPPoE interface from That sub net (192.168.0.0/24).
Step -1
Click On PPP >
Click On PPPoE Servers and CLick on Add(+) .
Service Name:Which ever the service name you can give according to you but sometimes you can create a problem like that when the users are setting their dial up connection they have to enter this exact service name in their device .
Interface :- which interface you want to run the PPPoE services you have select that same interface in the interface list .And all your PPPoE users will be connected from that interface only .
MAX MTU-Maximum Transmission Unit. The optimal value is the MTU of the interface the tunnel is working over reduced by 20 (so, for 1500-byte Ethernet link, set the MTU to 1480 to avoid fragmentation of packets.The recommenced MTU 1492 because there is adding some extra 8 bit ine header . so it's important to keep in your mind .
One session Per host:-Allow only one session per host (determined by MAC address). If a host tries to establish a new session, the old one will be closed.
the services will be available to the users .
In my case I have selected the Profile1 as profile of my PPPoE server .
Lets get in to the Profile 1.
Local Address :- The Local Address means , this local address will be the gateway of your PPPoE users and for recommendation it would be your WAN IP but also you can give your LAN ip .
Remote IP address:- The remote IP address means the users will get the IP address when they will dial using their username and password .
NOTE:- The ip pooling is depend on your requirement because if you are using the radius server then you can enable the IP pooling in NAS and RAdius as welll but you cant enable the IP pooling in both nas and radius so you have to enable the IP pooling from one it can be your NAS or it can be your radius . But here I have enabled the IP pooling in NAS so I have disabled the IP pooling in Radius .
If you want enable the ip pooling in NAs then you have to create one IP pool in NAS and Radius as well but the IP will be provided to the users by NAS .And you have to assign that Pool name in remote ip address .In my case I have configured the IP pool in nas the name of default and that IP pool i have configured in the Remote IP Address .
After creation the IP pool in NAS ,you have to assign that ip pool in Remote IP address list .and after that when the users will be dial using their username and password they will get the IP from this Pool of NAS .
You have to enter the DNS ip in the profile because it's very important to get the DNS for users otherwise they will not able to browse the internet .
Here, I am using the radius server with Mikrotik NAS so I have to select the Use Radius .
Here is some important things to have in the PPPoE profiles .
Session Time out- Maximum time the connection can stay up. By default no time limit is set.If you will setup any time the NAS will make log out to that user from NAS .
Idle Timeout:-Specifies the amount of time after which the link will be terminated if there are no activity present. Timeout is not set by default.
Radius Configuration in the Mikrotik .
Address:My Radius IP
Secreat:-Shared secret used to access the RADIUS server.
Authentication Port -RADIUS server port used for authentication
Accounting Port:-RADIUS server port used for accounting.
Note:-Don't Select the Accounting Backup always if it's not for backup RADIUS server.
You have to select the Radius Incoming because that allow to terminate a session which has already been connected from RADIUS server. For this purpose DM (Disconnect-Messages) are used. Disconnect messages cause a user session to be terminated immediately.
Now you have to add the NAS in your RADIUS but here i am not going to show you that .
and later on i will upload that screen shot of the NAS adding in the Radius .
implement the PPPoE network in your organisation .As per as My recommendation this blog will
help you to know more about PPPoE services .Now a days there are all the radius company which is compatible to run the PPPoE services with Mikrotik .
I have given you the picture below of my network to run the PPPoE services .Here I am using this diagram .
Lets Start the configuration .
NOTE:---Whichever the IP address you are providing to the users after verifying the username and password please Don't configure any IP address in PPPoE interface from that subnet . So it's not recommended to configure the ip address in PPPoE interface .Because the ip will be thrown by Mikrotik NAS from the IP pool which you have assigned in the remote ip pool list of PPPoE profiles.
Here , I have a default IP pool in Mikrotik pool list and the users will get the ip address from that IP pool , But i have not configured any IP in my PPPoE interface from That sub net (192.168.0.0/24).
Step -1
Click On PPP >
Click On PPPoE Servers and CLick on Add(+) .
Service Name:Which ever the service name you can give according to you but sometimes you can create a problem like that when the users are setting their dial up connection they have to enter this exact service name in their device .
Interface :- which interface you want to run the PPPoE services you have select that same interface in the interface list .And all your PPPoE users will be connected from that interface only .
MAX MTU-Maximum Transmission Unit. The optimal value is the MTU of the interface the tunnel is working over reduced by 20 (so, for 1500-byte Ethernet link, set the MTU to 1480 to avoid fragmentation of packets.The recommenced MTU 1492 because there is adding some extra 8 bit ine header . so it's important to keep in your mind .
One session Per host:-Allow only one session per host (determined by MAC address). If a host tries to establish a new session, the old one will be closed.
PPPoE Profile
This is very important to configure the PPPoE profile for PPPoE users because based on your profilethe services will be available to the users .
In my case I have selected the Profile1 as profile of my PPPoE server .
Lets get in to the Profile 1.
Local Address :- The Local Address means , this local address will be the gateway of your PPPoE users and for recommendation it would be your WAN IP but also you can give your LAN ip .
Remote IP address:- The remote IP address means the users will get the IP address when they will dial using their username and password .
NOTE:- The ip pooling is depend on your requirement because if you are using the radius server then you can enable the IP pooling in NAS and RAdius as welll but you cant enable the IP pooling in both nas and radius so you have to enable the IP pooling from one it can be your NAS or it can be your radius . But here I have enabled the IP pooling in NAS so I have disabled the IP pooling in Radius .
If you want enable the ip pooling in NAs then you have to create one IP pool in NAS and Radius as well but the IP will be provided to the users by NAS .And you have to assign that Pool name in remote ip address .In my case I have configured the IP pool in nas the name of default and that IP pool i have configured in the Remote IP Address .
After creation the IP pool in NAS ,you have to assign that ip pool in Remote IP address list .and after that when the users will be dial using their username and password they will get the IP from this Pool of NAS .
You have to enter the DNS ip in the profile because it's very important to get the DNS for users otherwise they will not able to browse the internet .
Here, I am using the radius server with Mikrotik NAS so I have to select the Use Radius .
Here is some important things to have in the PPPoE profiles .
Idle Timeout:-Specifies the amount of time after which the link will be terminated if there are no activity present. Timeout is not set by default.
Radius Configuration in the Mikrotik .
Address:My Radius IP
Secreat:-Shared secret used to access the RADIUS server.
Authentication Port -RADIUS server port used for authentication
Accounting Port:-RADIUS server port used for accounting.
Note:-Don't Select the Accounting Backup always if it's not for backup RADIUS server.
You have to select the Radius Incoming because that allow to terminate a session which has already been connected from RADIUS server. For this purpose DM (Disconnect-Messages) are used. Disconnect messages cause a user session to be terminated immediately.
Now you have to add the NAS in your RADIUS but here i am not going to show you that .
and later on i will upload that screen shot of the NAS adding in the Radius .
No comments:
Post a Comment