Tp-Link T2500-28TC V2 [269/342] Pppoe config

258

Feature Default Settings

Authentication enable

method list

The list is empty, which means users can promote to

administrator privilege without password.

Access application

authentication

The application console/telnet/ssh/http use the default Login

List and default Enable list.

802.1X authentication server

and accounting server

802.1X authentication uses the radius server group. 802.1X

accounting uses the radius server group.

13.8 PPPoE Config



PPPoE Circuit-ID Tag Overview

In the ATM-based network, the BRAS (Broadband Remote Access Server) vendors need to

acquire the unique information from DSL (digital subscriber line) for RADIUS (Remote

Authentication Dial In User Service) authentication and accounting processes. The PPPoE

Circuit-ID Insertion feature uses a PPPoE intermediate agent function on the DSLAM. The

DSLAM (Digital Subscriber Line Multiplexer) attaches a tag to the PPPoE discovery packets.

This tag is called the PPPoE Vendor-Specific tag and it contains a unique line identifier. The

BRAS receives the tagged packet, decodes the tag, and uses the Circuit-ID field of that tag as a

NAS-Port-ID attribute in the RADIUS authentication packet for PPP authentication and AAA

(authentication, authorization, and accounting) access requests.

In this Chapter the switch will work as a DSLAM.



PPPoE Circuit-ID Tag Operation Process

The general PPPoE Circuit-ID Tag work process is shown below:

Figure 13-25 PPPoE Discovery Process

The PPPoE discovery process is illustrated below:

1. The client sends PADI (PPPoE Active Discovery Initiation) packets to the switch.

2. The switch intercepts PADI packets and inserts a unique Circuit-ID tag to them.

3. The switch forwards the PADI packets with Circuit-ID tag to the BRAS.

4. The BRAS responses with the PADO (PPPoE Active Discovery Offer) packets after

receiving the PADI packets.