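Purpose of the network design: users behind the router use a PPPoE client and authenticate against the AAA servers 10.72.254.125/10.72.253.7 to get online.
      The router configuration follows: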

      !
      version 12.2
      service timestamps debug uptime
      service timestamps log uptime
      no service password-encryption
      !
      hostname xxxxxxx
      !
      aaa new-model
      !
      !
      aaa group server radius pppoe
      server 10.72.254.125 auth-port 1645 acct-port 1646
      server 10.72.253.7 auth-port 1645 acct-port 1646
      !
      aaa authentication ppp default group pppoe
      aaa authorization network default group pppoe
      aaa accounting network default start-stop group pppoe
      aaa session-id common
      enable secret 5 $1$nXz9$VFWaAXNkq/JfBUj4hn.Kx/
      !
      username xxx password 0 xxxxxx
      ip subnet-zero
      !
      !
      ip domain-name xxxxxx
      ip name-server xxx.xxx.xxx
      !
      ip audit notify log
      ip audit po max-events 100
      ip ssh time-out 120
      ip ssh authentication-retries 3
      vpdn enable
      !
      vpdn-group PPPOE
      accept-dialin
      protocol pppoe
      virtual-template 10
      pppoe limit max-sessions 500
      !
      vpdn-group pppoe
      !
      pppoe-forwarding
      async-bootp dns-server xxx.xxx.xxx.xxx
      !
      crypto mib ipsec flowmib history tunnel size 200
      crypto mib ipsec flowmib history failure size 200
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      !
      interface Loopback0
      ip address 10.75.255.240 255.255.255.255
      !
      interface GigabitEthernet0/0
      no ip address
      duplex full
      speed 100
      media-type rj45
      pppoe enable
      !
      interface GigabitEthernet0/0.2
      encapsulation dot1Q 2
      pppoe enable
      !
      interface GigabitEthernet0/0.3
      encapsulation dot1Q 3
      pppoe enable
      !
      interface GigabitEthernet0/0.507
      description jxtvnet-fengyuan-office
      encapsulation dot1Q 507
      pppoe enable
      !
      interface GigabitEthernet0/0.699
      description pppoe-access-vlans
      encapsulation dot1Q 699
      pppoe enable
      !
      interface GigabitEthernet0/0.701
      description Department DATA office-yangxiaodong
      encapsulation dot1Q 701
      pppoe enable
      !
      interface GigabitEthernet0/0.802
      description Jing-mao-wei
      encapsulation dot1Q 802
      ip address 10.72.243.1 255.255.255.248
      pppoe enable
      !
      interface GigabitEthernet0/0.805
      description Guo-tu-ting
      encapsulation dot1Q 805
      ip address 10.72.242.1 255.255.255.248
      pppoe enable
      !
      interface GigabitEthernet0/0.806
      description Shang-jian-ju
      encapsulation dot1Q 806
      ip address 172.19.1.1 255.255.255.248
      pppoe enable
      !
      interface GigabitEthernet0/0.807
      description Fang-zhi-ji-tuan
      encapsulation dot1Q 807
      ip address 172.19.5.1 255.255.255.248
      pppoe enable
      !
      interface GigabitEthernet0/0.808
      description Wen-jiao-lu-xiao-qu
      encapsulation dot1Q 808
      pppoe enable
      !
      interface GigabitEthernet0/0.810
      description Yi-zhi
      encapsulation dot1Q 810
      ip address 172.19.7.1 255.255.255.248
      pppoe enable
      !
      interface GigabitEthernet0/0.811
      description zhong-zi-guan-li-zhan
      encapsulation dot1Q 811
      pppoe enable
      !
      interface GigabitEthernet0/0.814
      description Yen-yei-gong-shi
      encapsulation dot1Q 814
      pppoe enable
      !
      interface GigabitEthernet0/0.815
      description Xin-hua-shu-dian
      encapsulation dot1Q 815
      pppoe enable
      !
      interface GigabitEthernet0/1
      ip address 10.72.207.245 255.255.255.252
      duplex full
      speed 100
      media-type rj45
      !
      interface Virtual-Template10
      mtu 1492
      ip unnumbered GigabitEthernet0/1
      no peer default ip address
      ppp authentication chap
      !
      ip classless
      ip route 0.0.0.0 0.0.0.0 10.72.207.246
      no ip http server
      ip pim bidir-enable
      !
      !
      snmp-server community xxxxx RO
      snmp-server community xxxxx RW
      !
      !
      radius-server host 10.72.254.125 auth-port 1645 acct-port 1646 key cisco
      radius-server host 10.72.253.7 auth-port 1645 acct-port 1646 key cisco
      radius-server retransmit 3
      call rsvp-sync
      !
      !
      mgcp profile default
      !
      dial-peer cor custom
      !
      !
      !
      !
      gatekeeper
      shutdown
      !
      !
      line con 0
      login authentication no_tacacs
      line aux 0
      line vty 0 4
      password xxxxx
      !
      !
      end

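      Notes:
      The configuration has the following characteristics:
      1. Two AAA servers are set up. If a user cannot be authenticated on the primary server, authentication is then performed on the secondary server.
      Relevant configuration:

      aaa group server radius pppoe
      server 10.72.254.125 auth-port 1645 acct-port 1646
      server 10.72.253.7 auth-port 1645 acct-port 1646
      !
      aaa authentication ppp default group pppoe
      aaa authorization network default group pppoe
      aaa accounting network default start-stop group pppoe
      radius-server host 10.72.254.125 auth-port 1645 acct-port 1646 key cisco
      radius-server host 10.72.253.7 auth-port 1645 acct-port 1646 key cisco
      How it is done: a RADIUS group named pppoe is created, and the two AAA servers are configured in it.
      Rate limiting for AAA users is applied on the ACS server as part of authentication;
      the address pool for AAA users is also configured on the AAA server.
      For everything else, refer to the Cisco website.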
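
An added example, not part of the original article: a small Python check over the security-relevant lines of the configuration above. It confirms that every server in the RADIUS group has a matching radius-server host entry (failover to the second server depends on it) and flags the cleartext and short secrets visible in the listing. The sample text is a constructed excerpt of that listing, and the 16-character minimum is an assumed local policy.

```python
import re

# Constructed excerpt: the security-relevant lines of the configuration above.
SAMPLE = """\
no service password-encryption
aaa group server radius pppoe
 server 10.72.254.125 auth-port 1645 acct-port 1646
 server 10.72.253.7 auth-port 1645 acct-port 1646
username xxx password 0 xxxxxx
snmp-server community xxxxx RO
snmp-server community xxxxx RW
radius-server host 10.72.254.125 auth-port 1645 acct-port 1646 key cisco
radius-server host 10.72.253.7 auth-port 1645 acct-port 1646 key cisco
"""

MIN_KEY_LEN = 16  # assumed local policy, not a Cisco requirement


def audit(config):
    """Return sorted findings for an IOS 12.x style configuration text."""
    lines = [l.strip() for l in config.splitlines()]
    findings = set()
    if "no service password-encryption" in lines:
        findings.add("password-encryption disabled: secrets readable in config")
    group_servers, host_keys, in_group = set(), {}, False
    for line in lines:
        if line.startswith("aaa group server radius "):
            in_group = True
        elif in_group and (m := re.match(r"server (\S+)", line)):
            group_servers.add(m.group(1))  # member of the RADIUS group
        else:
            in_group = False
            if m := re.match(r"radius-server host (\S+)(?:.* key (\S+)$)?", line):
                host_keys[m.group(1)] = m.group(2)  # None unless cleartext key
            elif re.match(r"username \S+ password 0 ", line):
                findings.add("local user with type 0 (cleartext) password")
            elif re.match(r"snmp-server community \S+ RW$", line):
                findings.add("SNMP read-write community without an access list")
    for ip in sorted(group_servers - set(host_keys)):
        findings.add(f"group server {ip} has no radius-server host entry")
    for ip, key in host_keys.items():
        if key is not None and len(key) < MIN_KEY_LEN:
            findings.add(f"short RADIUS shared secret for {ip}")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```
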

      (Responsible editor: 城尘 68476636-8003)

