SRX Services Gateway
SRX Services Gateway

PPPOE Not Working

‎08-26-2018 07:12 AM

Hi guys,

I am trying to set up a pppoe connection with my provider but i have an hard time, using a windows 10 pc everything goes fine but my srx300 does not want to set up the connection, below my configuration and statistics :

 

## Last commit: 2018-08-26 13:25:48 UTC by root
version 15.1X49-D70.3;
system {
    root-authentication {
        encrypted-password "$5$W4TA6tM.$POHBgQMXH45JYV8L34ne/Hk8xJUu1qMQUcyx/zDS
19D"; ## SECRET-DATA
    }
    name-server {
        8.8.8.8;
        8.8.4.4;
    }
    services {
        ssh;
        telnet;
        xnm-clear-text;
        netconf {
            ssh;
        }
        dhcp-local-server {
            group jdhcp-group {
                interface irb.0;
            }
        }
web-management {
            https {
                system-generated-certificate;
            }
        }
    }
    syslog {
        archive size 100k files 3;
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    max-configurations-on-flash 5;
    max-configuration-rollbacks 5;
    license {
        autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
        }
    }
}
security {
    screen {
        ids-option untrust-screen {
            icmp {
                ping-death;
            }
            ip {
                source-route-option;
                tear-drop;
            }
            tcp {
                syn-flood {
                    alarm-threshold 1024;
                    attack-threshold 200;
                    source-threshold 1024;
                    destination-threshold 2048;
                    timeout 20;
                }
                land;
         }
        }
    }
    nat {
        source {
            rule-set trust-to-untrust {
                from zone trust;
                to zone untrust;
                rule source-nat-rule {
                    match {
                        source-address 0.0.0.0/0;
                    }
                    then {
                        source-nat {
                            interface;
                        }
                    }
                }
            }
            rule-set trust-untrust {
                from zone trust;
                to interface pp0.0;
                rule Egress-Int {
                match {
                        source-address 0.0.0.0/0;
                        destination-address 0.0.0.0/0;
                    }
                    then {
                        source-nat {
                            interface;
                        }
                    }
                }
            }
        }
    }
    policies {
        from-zone trust to-zone trust {
            policy trust-to-trust {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
           }
            }
        }
        from-zone trust to-zone untrust {
            policy trust-to-untrust {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
            }
            policy allow-all {
                match {
                    source-address any;
                    destination-address any;
                    application any;
                }
                then {
                    permit;
                }
           }
        }
    }
    zones {
        security-zone trust {
            host-inbound-traffic {
                system-services {
                    all;
                }
                protocols {
                    all;
                }
            }
            interfaces {
                irb.0;
            }
        }
        security-zone untrust {
            screen untrust-screen;
            host-inbound-traffic {
                system-services {
                    ping;
                }
           }
            interfaces {
                ge-0/0/0.0 {
                    host-inbound-traffic {
                        system-services {
                            dhcp;
                            tftp;
                        }
                    }
                }
                pp0.0;
            }
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            encapsulation ppp-over-ether;
        }
    }
    ge-0/0/1 {
        unit 0 {
          family ethernet-switching {
                vlan {
                    members vlan-trust;
                }
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan-trust;
                }
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan-trust;
                }
            }
     }
    }
    ge-0/0/4 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan-trust;
                }
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan-trust;
                }
            }
        }
    }
    ge-0/0/6 {
        unit 0 {
            family ethernet-switching {
              vlan {
                    members vlan-trust;
                }
            }
        }
    }
    ge-0/0/7 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan-trust;
                }
            }
        }
    }
    irb {
        unit 0 {
            family inet {
                address 192.168.1.1/24;
            }
        }
    }
    pp0 {
      unit 0 {
            ppp-options {
                chap {
                    default-chap-secret "$9$n1cb/9prlM8X-Ct1hSyW8Ndb2JDzF/"; ##SECRET-DATA
                    local-name aliceadsl;
                    passive;
                }
                pap {
                    local-name aliceadsl;
                    local-password "$9$6epc9CuleWLxdApIcyr8L-VwgZjF39"; ## SECRET-DATA
                    passive;
                }
            }
            pppoe-options {
                underlying-interface ge-0/0/0.0;
                idle-timeout 0;
                access-concentrator srx300;
                auto-reconnect 10;
                client;
            }
               mtu 1492;
                negotiate-address;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop pp0.0;
    }
}
protocols {
    l2-learning {
        global-mode switching;
    }
    ppp {
        traceoptions {
            file ppp;
            level all;
            flag all;
        }
    }
    pppoe {
      traceoptions {
            file pppoe;
            level all;
            flag all;
        }
    }
}
access {
    address-assignment {
        pool junosDHCPPool {
            family inet {
                network 192.168.1.0/24;
                range junosRange {
                    low 192.168.1.2;
                    high 192.168.1.254;
                }
                dhcp-attributes {
                    router {
                        192.168.1.1;
                    }
                    propagate-settings ge-0/0/0.0;
                }
            }
       }
    }
}
vlans {
    vlan-trust {
        vlan-id 3;
        l3-interface irb.0;
    }

Show ppp statistics :

Active PPPoE sessions: 0
  PacketType                       Sent         Received
    PADI                             18                0
    PADO                              0                0
    PADR                              0                0
    PADS                              0                0
    PADT                              0                0
    Service name error                0                0
    AC system error                   0                0
    Generic error                     0                0
    Malformed packets                 0                0
    Unknown packets                   0                0
  Timeout
    PADI                              2
    PADO                              0
    PADR                              0
  Receive Error Counters
    PADI                              0
    PADO                              0
    PADR                              0
    PADS                              0

Thank you guys.

 

 

 

 

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: PPPOE Not Working

‎08-26-2018 10:20 PM

This is my working configuration.

 

labroot# show
## Last changed: 2017-09-13 11:11:50 UTC
version 12.1X46-D40.2;

interfaces {
ge-0/0/1 {
vlan-tagging;
unit 100 {
encapsulation ppp-over-ether;
vlan-id 100;
}
}

lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
pp0 {
unit 100 {
ppp-options {
pap {
local-name "test";
local-password "$9$-Fd2aji.5z6qm"; ## SECRET-DATA
passive;
}
}
pppoe-options {
underlying-interface ge-0/0/1.100;
auto-reconnect 10;
client;
}
family inet {
primary;
negotiate-address;
}
}
}

security {
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}
nat {
source {
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule source-nat-rule {
match {
source-address 0.0.0.0/0;
}
then {
source-nat {
interface;
}
}
}
}
}
}
policies {
from-zone trust to-zone untrust {
policy trust-to-untrust {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
}
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
interfaces {
vlan.0;
ge-0/0/0.0;
}
}
security-zone untrust;
}
}
vlans {
vlan-trust {
vlan-id 3;
l3-interface vlan.0;
}
}

Highlighted
SRX Services Gateway

Re: PPPOE Not Working

‎09-20-2018 07:56 AM

It looks like it may be the access-concentrator line (access-concentrator srx300)

This is the name of the access concentrator you are connected to, not your own device, try disabling this and try to reconnect.

 

interfaces {
   pp0 {
      unit 0 {
            pppoe-options {
                access-concentrator srx300;
            }

         }
      }
}