{"id":817,"date":"2019-09-19T03:47:17","date_gmt":"2019-09-19T03:47:17","guid":{"rendered":"https:\/\/www.jayjaydream.com\/?p=817"},"modified":"2019-09-19T03:47:17","modified_gmt":"2019-09-19T03:47:17","slug":"%e5%8d%8e%e4%b8%ba%e9%98%b2%e7%81%ab%e5%a2%99%e9%85%8d%e7%bd%aepppoe%e6%8b%a8%e5%8f%b7%e6%8e%a5%e5%85%a5internet","status":"publish","type":"post","link":"https:\/\/www.jayjaydream.com\/?p=817","title":{"rendered":"\u534e\u4e3a\u9632\u706b\u5899\u914d\u7f6ePPPoE\u62e8\u53f7\u63a5\u5165Internet"},"content":{"rendered":"<p>\u534e\u4e3a\u9632\u706b\u5899\u914d\u7f6ePPPoE\u62e8\u53f7\u63a5\u5165Internet<\/p>\n<h2>\u7ec4\u7f51\u9700\u6c42<\/h2>\n<p>\u8bbe\u5907\u4f5c\u4e3aClient\uff0c\u901a\u8fc7PPPoE\u534f\u8bae\u5411Server\uff08\u8fd0\u8425\u5546\u8bbe\u5907\uff09\u62e8\u53f7\u540e\u83b7\u5f97IP\u5730\u5740\uff0c\u5b9e\u73b0\u63a5\u5165Internet\u3002<br \/>\nUSG\u4f5c\u4e3a\u51fa\u53e3\u7f51\u5173\uff0c\u4e3a\u5c40\u57df\u7f51\u5185PC\u63d0\u4f9b\u63a5\u5165Internet\u51fa\u53e3\u3002<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" title=\"\u534e\u4e3a\u9632\u706b\u5899\u914d\u7f6ePPPoE\u62e8\u53f7\u63a5\u5165Internet - \u7b2c1\u5f20  | \u9e7f\u9e23\u5929\u6daf\" alt=\"\u534e\u4e3a\u9632\u706b\u5899\u914d\u7f6ePPPoE\u62e8\u53f7\u63a5\u5165Internet - \u7b2c1\u5f20  | \u9e7f\u9e23\u5929\u6daf\" class=\"size-full wp-image-818 alignnone\" src=\"https:\/\/www.jayjaydream.com\/wp-content\/uploads\/2019\/09\/usg.jpg\" alt=\"\" width=\"532\" height=\"271\" srcset=\"https:\/\/www.jayjaydream.com\/wp-content\/uploads\/2019\/09\/usg.jpg 532w, https:\/\/www.jayjaydream.com\/wp-content\/uploads\/2019\/09\/usg-150x76.jpg 150w, https:\/\/www.jayjaydream.com\/wp-content\/uploads\/2019\/09\/usg-300x153.jpg 300w\" sizes=\"auto, (max-width: 532px) 100vw, 532px\" \/><\/p>\n<p>PPPoE\u63a5\u5165Internet\u7ec4\u7f51\u56fe<\/p>\n<h2>\u7f51\u7edc\u89c4\u5212<\/h2>\n<p>1.\u4e0b\u884c\u94fe\u8def\uff1a\u4f7f\u7528LAN\u4ee5\u592a\u7f51\u63a5\u53e3\uff0c\u901a\u8fc7\u4ea4\u6362\u673a\u8fde\u63a5\u516c\u53f8\u5185\u7684\u6240\u6709PC\u3002<\/p>\n<p>2.\u4e0a\u884c\u94fe\u8def\uff1a\u4f7f\u7528WAN\u4ee5\u592a\u7f51\u63a5\u53e3\u63a5\u5165Internet\u3002\u540c\u65f6\uff0c\u5411\u8fd0\u8425\u5546\u7533\u8bf7Internet\u63a5\u5165\u670d\u52a1\uff08\u7528\u6237\u540d\u548c\u5bc6\u7801\u5747\u4e3a\uff1auser\uff09\u3002\u8fd0\u8425\u5546\u63d0\u4f9b\u7684Internet\u63a5\u5165\u670d\u52a1\u4f7f\u7528PPPoE\u534f\u8bae\u3002\u6839\u636e\u4ee5\u4e0a\u60c5\u51b5\uff0c\u9700\u8981\u5c06USG\u4f5c\u4e3aPPPoE Client\uff0c\u5411PPPoE Server\uff08\u8fd0\u8425\u5546\u8bbe\u5907\uff09\u62e8\u53f7\u83b7\u5f97IP\u5730\u5740\u3001DNS\u5730\u5740\u540e\uff0c\u5b9e\u73b0\u63a5\u5165Internet\u3002<\/p>\n<p>3.\u5c40\u57df\u7f51\u5185\u6240\u6709PC\u90fd\u90e8\u7f72\u572810.1.1.0\/24\u7f51\u6bb5\uff0c\u5747\u901a\u8fc7DHCP\u52a8\u6001\u83b7\u5f97IP\u5730\u5740\u3002<\/p>\n<h2>\u914d\u7f6e\u601d\u8def<\/h2>\n<p>1.\u914d\u7f6e\u4e0b\u884c\u94fe\u8def\u3002<br \/>\n\u5728Vlanif 1\u4e0a\u5f00\u542fDHCP Server\u670d\u52a1\uff0c\u4e3aPC\u52a8\u6001\u5206\u914dIP\u5730\u5740\uff0c\u6307\u5b9aPC\u83b7\u5f97\u7684\u7f51\u5173\u548cDNS\u670d\u52a1\u5668\u5730\u5740\u5747\u4e3aVlanif 1\u63a5\u53e3\u3002<br \/>\nPC\u4e0a\u7f51\u901a\u5e38\u9700\u8981\u89e3\u6790\u57df\u540d\uff0c\u8fd9\u5c31\u9700\u8981\u4e3a\u5176\u6307\u5b9aDNS\u670d\u52a1\u5668\u5730\u5740\u3002\u672c\u4f8b\u4e2d\u91c7\u7528USG\u4f5c\u4e3aDNS\u4e2d\u7ee7\u8bbe\u5907\u3002<br \/>\n2.\u914d\u7f6e\u4e0a\u884c\u94fe\u8def\u3002<br \/>\n3.\u5c06\u63a5\u53e3\u52a0\u5165\u5230\u5b89\u5168\u533a\u57df\uff0c\u5e76\u5728\u57df\u95f4\u914d\u7f6eNAT\u548c\u5305\u8fc7\u6ee4\u3002<br \/>\n\u5c06\u8fde\u63a5\u516c\u53f8\u5c40\u57df\u7f51\u7684\u63a5\u53e3\u52a0\u5165\u5230\u9ad8\u5b89\u5168\u7b49\u7ea7\u7684\u533a\u57df\uff08Trust\uff09\uff0c\u5c06\u8fde\u63a5Internet\u7684\u4e0a\u884c\u63a5\u53e3\u52a0\u5165\u5230\u4f4e\u5b89\u5168\u7b49\u7ea7\u7684\u533a\u57df\uff08Untrust\uff09\u3002<br \/>\n\u5c40\u57df\u7f51\u5185\u901a\u5e38\u4f7f\u7528\u79c1\u7f51\u5730\u5740\uff0c\u8bbf\u95eeInternet\u65f6\uff0c\u5fc5\u987b\u914d\u7f6eNAT\u3002\u672c\u4f8b\u4e2d\uff0c\u56e0\u4e3a\u4e0a\u884c\u63a5\u53e3\u901a\u8fc7\u62e8\u53f7\u83b7\u5f97IP\u5730\u5740\uff0c\u6bcf\u6b21\u62e8\u53f7\u83b7\u5f97\u7684IP\u5730\u5740\u53ef\u80fd\u4e0d\u4e00\u6837\uff0c\u6240\u4ee5\u91c7\u7528Easy IP\u3002<br \/>\n4.\u914d\u7f6eDNS\u4ee3\u7406\u3002<br \/>\n\u6307\u5b9aDNS\u670d\u52a1\u5668\u5730\u5740\u4e3aDialer\u63a5\u53e3\u62e8\u53f7\u540e\uff0c\u4ece\u8fd0\u8425\u5546\u5904\u83b7\u5f97\u3002<br \/>\n5.\u914d\u7f6e\u9759\u6001\u8def\u7531\uff0c\u6307\u5b9a\u51fa\u63a5\u53e3\u4e3aDialer 1\u3002<\/p>\n<h2>\u64cd\u4f5c\u6b65\u9aa4<\/h2>\n<p>1.\u914d\u7f6e\u4e0b\u884c\u94fe\u8def\u3002<br \/>\n# \u914d\u7f6eVlanif 1\u63a5\u53e3\u7684IP\u5730\u5740\u3002<br \/>\n&lt;USG&gt; system-view<br \/>\n[USG] interface Vlanif 1<br \/>\n[USG-Vlanif1] ip address 10.1.1.1 24<br \/>\n# \u5728Vlanif 1\u4e0a\u5f00\u542fDHCP Server\u670d\u52a1\uff0c\u4e3aPC\u52a8\u6001\u5206\u914dIP\u5730\u5740\uff0c\u6307\u5b9aPC\u83b7\u5f97\u7684\u7f51\u5173\u548cDNS\u670d\u52a1\u5668\u5730\u5740\u5747\u4e3aVlanif 1\u63a5\u53e3\u3002<br \/>\n[USG-Vlanif1] dhcp select interface<br \/>\n[USG-Vlanif1] dhcp server dns-list 10.1.1.1<br \/>\n[USG-Vlanif1] quit<br \/>\n2.\u914d\u7f6e\u4e0a\u884c\u94fe\u8def\u3002<br \/>\n# \u521b\u5efaDialer 1\u63a5\u53e3\uff0c\u5e76\u542f\u7528\u5171\u4eabDCC\u3002<br \/>\n[USG] dialer-rule 20 ip permit<br \/>\n[USG] interface Dialer 1<br \/>\n[USG-Dialer1] dialer user test<br \/>\n[USG-Dialer1] dialer-group 20<br \/>\n\u5fc5\u987b\u786e\u4fdd\u547d\u4ee4dialer-group\u4e2d\u7684\u53c2\u6570group-number\u548cdialer-rule\u4e2d\u7684\u53c2\u6570group-number\u4fdd\u6301\u4e00\u81f4\u3002\u672c\u914d\u7f6e\u4e3e\u4f8b\u4e2d\u53d6\u503c\u4e3a20\u3002<br \/>\ndialer user username\u547d\u4ee4\u7528\u6765\u542f\u52a8\u5171\u4eabDCC\u3002\u5176\u4e2dusername\u53ef\u4ee5\u53d6\u4efb\u610f\u503c\uff0c\u6bd4\u5982abc\uff0ctest\u3002<br \/>\n# \u914d\u7f6e\u4f7f\u7528\u534f\u5546\u65b9\u5f0f\u83b7\u53d6IP\u5730\u5740\u3002<br \/>\n[USG-Dialer1] ip address ppp-negotiate<br \/>\n# \u914d\u7f6e\u4ece\u8fd0\u8425\u5546\u5904\u83b7\u5f97DNS\u670d\u52a1\u5668\u5730\u5740\u3002<br \/>\n[USG-Dialer1] ppp ipcp dns admit-any<br \/>\n# \u5728Dialer\u63a5\u53e3\u4e0b\u914d\u7f6e\u7528\u6237\u540d\uff08user\uff09\u548c\u5bc6\u7801\uff08Admin@123\uff09\u3002<br \/>\n[USG-Dialer1] ppp chap user user<br \/>\n[USG-Dialer1] ppp chap password cipher Admin@123<br \/>\n[USG-Dialer1] ppp pap local-user user user password cipher Admin@123<br \/>\n# \u914d\u7f6eDialer Bundle\u3002<br \/>\n[USG-Dialer1] dialer bundle 1<br \/>\n[USG-Dialer1] quit<br \/>\n# \u5728GigabitEthernet 0\/0\/2\u4e0a\u5efa\u7acb\u4e00\u4e2aPPPoE\u4f1a\u8bdd\uff0c\u5e76\u6307\u5b9a\u8be5\u4f1a\u8bdd\u6240\u5bf9\u5e94\u7684Dialer Bundle\u3002<br \/>\n[USG] interface GigabitEthernet 0\/0\/2<br \/>\n[USG-GigabitEthernet0\/0\/2] pppoe-client dial-bundle-number 1<br \/>\n[USG-GigabitEthernet0\/0\/2] quit<br \/>\n3.\u5c06\u63a5\u53e3\u52a0\u5165\u5230\u5b89\u5168\u533a\u57df\uff0c\u5e76\u5728\u57df\u95f4\u914d\u7f6eNAT\u548c\u5305\u8fc7\u6ee4\u3002<br \/>\n# \u5c06\u63a5\u53e3\u52a0\u5165\u5230\u5b89\u5168\u533a\u57df\u3002<br \/>\n[USG] firewall zone untrust<br \/>\n[USG-zone-untrust] add interface GigabitEthernet 0\/0\/2<br \/>\n[USG-zone-untrust] add interface dialer 1<br \/>\n[USG-zone-untrust] quit<br \/>\n[USG] firewall zone trust<br \/>\n[USG-zone-trust] add interface vlanif 1<br \/>\n[USG-zone-trust] add interface Ethernet 6\/0\/0<br \/>\n[USG-zone-trust] add interface Ethernet 6\/0\/1<br \/>\n[USG-zone-trust] quit<br \/>\n# \u57df\u95f4\u914d\u7f6eNAT\u548c\u5305\u8fc7\u6ee4\u3002<br \/>\n[USG] firewall packet-filter default permit all<br \/>\n[USG] nat-policy interzone trust untrust outbound<br \/>\n[USG-nat-policy-interzone-trust-untrust-outbound] policy 1<br \/>\n[USG-nat-policy-interzone-trust-untrust-outbound-1] action source-nat<br \/>\n[USG-nat-policy-interzone-trust-untrust-outbound-1] policy source 10.1.1.0 0.0.0.255<br \/>\n[USG-nat-policy-interzone-trust-untrust-outbound-1] easy-ip dialer 1<br \/>\n[USG-nat-policy-interzone-trust-untrust-outbound-1] quit<br \/>\n[USG-nat-policy-interzone-trust-untrust-outbound] quit<br \/>\nfirewall packet-filter default permit all<br \/>\n\u547d\u4ee4\u4e2d\uff0c\u6253\u5f00\u4e86\u6240\u6709\u5b89\u5168\u533a\u57df\u95f4\u7684\u5305\u8fc7\u6ee4\u3002\u8bf7\u6839\u636e\u7f51\u7edc\u60c5\u51b5\u5173\u95ed\u4e0d\u9700\u8981\u5f00\u653e\u7684\u57df\u95f4\u7f3a\u7701\u5305\u8fc7\u6ee4\u3002<br \/>\n4.\u914d\u7f6eDNS\u4ee3\u7406\u3002<br \/>\n[USG] dns proxy enable<br \/>\n[USG] dns server unnumbered interface dialer 1<br \/>\n5.\u914d\u7f6e\u9759\u6001\u8def\u7531\u3002<br \/>\n[USG] ip route-static 0.0.0.0 0.0.0.0 Dialer 1<br \/>\n6.\u5728\u5c40\u57df\u7f51\u5185PC\u4e0a\uff0c\u914d\u7f6e\u81ea\u52a8\u83b7\u5f97IP\u5730\u5740\u548cDNS\u670d\u52a1\u5668\u5730\u5740\u3002<br \/>\n\u914d\u7f6e\u8fc7\u7a0b\u7565\uff0c\u8bf7\u53c2\u8003PC\u4f7f\u7528\u64cd\u4f5c\u7cfb\u7edf\u7684\u8bf4\u660e\u3002<\/p>\n<h2>\u7ed3\u679c\u9a8c\u8bc1<\/h2>\n<p>\u914d\u7f6e\u5b8c\u6210\u540e\uff0c\u901a\u8fc7display interface\u547d\u4ee4\u68c0\u67e5Dialer\u63a5\u53e3\u662f\u5426\u62e8\u53f7\u6210\u529f\uff08\u83b7\u5f97IP\u5730\u5740\u548cDNS\u670d\u52a1\u5668\u5730\u5740\uff09\u3002<br \/>\n[USG] display interface dialer 1<br \/>\nDialer1 current state : UP<br \/>\nLine protocol current state :UP (spoofing)<br \/>\nDescription : Route Port<br \/>\nThe Maximum Transmit Unit is 1492 bytes, Hold timer is 10(sec)<br \/>\nInternet Address is negotiated, 200.1.1.3\/32<br \/>\nLink layer protocol is PPP<br \/>\nLCP initial<br \/>\nPhysical is Dialer<br \/>\nLast 300 seconds input rate 0 bits\/s, 0 packets\/s<br \/>\nLast 300 seconds output rate 0 bits\/s, 0 packets\/s<br \/>\n30 packets input, 1152 bytes, 0 drops<br \/>\n30 packets output, 1058 bytes, 0 drops<br \/>\nBound to Dialer1:0<br \/>\nDialer1:0 current state : UP<br \/>\nLine protocol current state : UP<br \/>\nLink layer protocol is PPP<br \/>\nLCP opened, IPCP opened<br \/>\nPrimary DNS Address is 202.1.1.10<br \/>\nSecondary DNS Address is 202.11.11.12<br \/>\nCurrent Connect Time:0 day(s), 0 hour(s), 0 minute(s), 21 second(s)<br \/>\n\u5728PC\u4e0a\u6267\u884cipconfig \/all\u547d\u4ee4\uff0c\u68c0\u67e5PC\u662f\u5426\u6b63\u786e\u83b7\u5f97IP\u5730\u5740\u3001DNS\u670d\u52a1\u5668\u5730\u5740\u548c\u7f3a\u7701\u7f51\u5173\u3002<br \/>\nC:\\Documents and Settings\\Administrator&gt;ipconfig \/all<br \/>\nWindows IP Configuration<br \/>\nEthernet adapter 1:<br \/>\nConnection-specific DNS Suffix\u00a0\u00a0. :<br \/>\nDescription . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E GigabitEthernet Controller<br \/>\nPhysical Address. . . . . . . . . : 00-21-97-CF-22-38<br \/>\nDhcp Enabled. . . . . . . . . . . : Yes<br \/>\nAutoconfiguration Enabled . . . . : Yes<br \/>\nIP Address. . . . . . . . . . . . : 10.1.1.5<br \/>\nSubnet Mask . . . . . . . . . . . : 255.255.255.0<br \/>\nDefault Gateway . . . . . . . . . : 10.1.1.1<br \/>\nDHCP Server . . . . . . . . . . . : 10.1.1.1<br \/>\nDNS Servers . . . . . . . . . . . : 10.1.1.1<br \/>\nLease Obtained. . . . . . . . . . : 2011\u5e746\u670819\u65e5 11:19:34<br \/>\nLease Expires . . . . . . . . . . : 2011\u5e746\u670820\u65e5 11:19:34<br \/>\n\u5728PC\u4e0a\u8bbf\u95ee\u7f51\u9875\uff0c\u68c0\u67e5\u662f\u5426\u53ef\u4ee5\u6b63\u5e38\u4e0a\u7f51\u3002\u5982\u679c\u4e0d\u80fd\uff0c\u8bf7\u68c0\u67e5\u914d\u7f6e\u3002<\/p>\n<h2>\u914d\u7f6e\u547d\u4ee4<\/h2>\n<p>\u4e0b\u6587\u4e2d\u53ea\u5217\u51fa\u4e0e\u672c\u6587\u5185\u5bb9\u76f8\u5173\u7684\u547d\u4ee4\u3002<br \/>\n#<br \/>\ninterface Vlanif1<br \/>\nip address 10.1.1.1 24<br \/>\ndhcp select interface<br \/>\ndhcp server dns-list 10.1.1.1<br \/>\n#<br \/>\ndialer-rule 20 ip permit<br \/>\n#<br \/>\ninterface Dialer1<br \/>\nlink-protocol ppp<br \/>\ndialer user test<br \/>\ndialer-group 20<br \/>\nip address ppp-negotiate<br \/>\nppp ipcp dns admit-any<br \/>\nppp chap user user<br \/>\nppp chap password cipher %$%$Gal~X`28S\/.m]\\*fuO|&#8217;,{ri%$%$<br \/>\nppp pap local-user user user password cipher %$%$Gal~X`28S\/.m]\\*fuO|&#8217;,{ri%$%$<br \/>\ndialer bundle 1<br \/>\n#<br \/>\nip route-static 0.0.0.0 0.0.0.0 Dialer1<br \/>\n#<br \/>\ninterface GigabitEthernet0\/0\/2<br \/>\npppoe-client dial-bundle-number 1<br \/>\n#<br \/>\ndns proxy enable<br \/>\ndns server unnumbered interface Dialer1<br \/>\n#<br \/>\nfirewall zone local<br \/>\nset priority 100<br \/>\n#<br \/>\nfirewall zone trust<br \/>\nset priority 85<br \/>\nadd interface vlanif1<br \/>\nadd interface Ethernet6\/0\/0<br \/>\nadd interface Ethernet6\/0\/1<br \/>\n#<br \/>\nfirewall zone untrust<br \/>\nset priority 5<br \/>\nadd interface Dialer1<br \/>\nadd interface GigabitEthernet0\/0\/2<br \/>\n#<br \/>\nfirewall zone dmz<br \/>\nset priority 50<br \/>\n#<br \/>\nfirewall packet-filter default permit all<br \/>\n#<br \/>\nnat-policy interzone trust untrust outbound<br \/>\npolicy 1<br \/>\naction source-nat<br \/>\npolicy source 10.1.1.0 0.0.0.255<br \/>\neasy-ip Dialer1<br \/>\nreturn<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u534e\u4e3a\u9632\u706b\u5899\u914d\u7f6ePPPoE\u62e8\u53f7\u63a5\u5165Internet \u7ec4\u7f51\u9700\u6c42 \u8bbe\u5907\u4f5c\u4e3aClient &hellip; <a href=\"https:\/\/www.jayjaydream.com\/?p=817\">\u7ee7\u7eed\u9605\u8bfb <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[63],"class_list":["post-817","post","type-post","status-publish","format-standard","hentry","category-27","tag-63"],"_links":{"self":[{"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=\/wp\/v2\/posts\/817","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=817"}],"version-history":[{"count":1,"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=\/wp\/v2\/posts\/817\/revisions"}],"predecessor-version":[{"id":819,"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=\/wp\/v2\/posts\/817\/revisions\/819"}],"wp:attachment":[{"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=817"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jayjaydream.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}