SRX Services Gateway
Highlighted
SRX Services Gateway

PPPOE Question

‎08-26-2015 02:22 AM

I am currently  configure my first srx210 after installing serveral SSGs during the last years. My Costumer is using a 100 MBit Fiber connection using PPPOE provided by a switch. The old Router was a linksys e3000 which work properly using DDWRT.

 

I used the PPPOE Setup Wizzard to configure the SRX. My Problem is the External PPP session doesnt come up

 

/Snip

 

## Last commit: 2015-08-24 18:43:46 GMT+1 by root
version 12.1X46-D35.1;
system {
    host-name Wulff;
    time-zone GMT+1;
    root-authentication {
        encrypted-password "$1$2JyqJlrR$rr4ZmiEdUb2HS0lM/oc7H."; ## SECRET-DATA
    }
    name-server {
        208.67.222.222;
        208.67.220.220;
    }
    name-resolution {
        no-resolve-on-input;
    }
    services {
        ssh;
        telnet;
        web-management {
            http {
                interface vlan.1;
            }
            https {
                system-generated-certificate;
                interface [ vlan.1 pp0.0 ];
            }
            session {
                idle-timeout 60;
            }
        }
        dhcp {
            pool 192.168.2.0/24 {
                address-range low 192.168.2.230 high 192.168.2.254;
                router {
                    192.168.2.100;
                }
            }
            propagate-ppp-settings pp0.0;
        }
    }
    syslog {
        archive size 100k files 3;
        user * {
            any emergency;
        }
        file messages {
            any critical;
            authorization info;
        }
        file interactive-commands {
            interactive-commands error;
        }
    }
    max-configurations-on-flash 5;
    max-configuration-rollbacks 5;
    license {
        autoupdate {
            url https://ae1.juniper.net/junos/key_retrieval;
        }
    }
    ntp {
        server us.ntp.pool.org;
    }
}
interfaces {
    ge-0/0/0 {
        speed 1g;
        mtu 1514;
        link-mode full-duplex;
        gigether-options {
            auto-negotiation;
        }
        unit 0 {
            encapsulation ppp-over-ether;
        }
    }
    ge-0/0/1 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    fe-0/0/2 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    fe-0/0/3 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    fe-0/0/4 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    fe-0/0/5 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    fe-0/0/6 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    fe-0/0/7 {
        unit 0 {
            family ethernet-switching {
                vlan {
                    members vlan1;
                }
            }
        }
    }
    pp0 {
        unit 0 {
            apply-macro Startup_Connection;
            ppp-options {
                chap {
                    default-chap-secret "$9$H.Tztu1yevcSWx-VY2UjH"; ## SECRET-DATA
                    local-name bestattungsi;
                    passive;
                }
                pap {
                    local-name bestattungsi;
                    local-password "$9$ASaTuIEvWxw24VbaUikPf69A"; ## SECRET-DATA
                    passive;
                }
            }
            pppoe-options {
                underlying-interface ge-0/0/0.0;
            }
            family inet {
                negotiate-address;
            }
        }
    }
    vlan {
        unit 1 {
            family inet {
                address 192.168.2.100/24;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 {
            next-hop pp0.0;
            qualified-next-hop pp0.0 {
                metric 1;
            }
        }
    }
}
protocols {
    stp;
}

 

/Snip

 

does anybody know whether there is a command to manually bring up the ppp connection ? If i ping a router on the Internet my Local Firewall reports an unreachable

and the Provider cannot "see" my SRX Mac Address on his Switch

 

thx

 

 

Oliver

 

 

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: PPPOE Question

[ Edited ]
‎08-26-2015 05:57 AM

Hey,

see if the last two lines is what you need :


set groups wiz_PPPoE_0 system name-server 8.8.8.8
set groups wiz_PPPoE_0 system name-server 8.8.4.4
set groups wiz_PPPoE_0 system services dhcp name-server 8.8.8.8
set groups wiz_PPPoE_0 system services dhcp name-server 8.8.4.4
set groups wiz_PPPoE_0 interfaces pp0 unit 0 description DIALER
set groups wiz_PPPoE_0 interfaces pp0 unit 0 ppp-options pap local-name "USER@ISP"
set groups wiz_PPPoE_0 interfaces pp0 unit 0 ppp-options pap no-rfc2486
set groups wiz_PPPoE_0 interfaces pp0 unit 0 ppp-options pap local-password "SECRETDATA"
set groups wiz_PPPoE_0 interfaces pp0 unit 0 ppp-options pap passive
set groups wiz_PPPoE_0 interfaces pp0 unit 0 pppoe-options underlying-interface ge-0/0/0.0
set groups wiz_PPPoE_0 interfaces pp0 unit 0 pppoe-options idle-timeout 0
set groups wiz_PPPoE_0 interfaces pp0 unit 0 pppoe-options auto-reconnect 10
set groups wiz_PPPoE_0 interfaces pp0 unit 0 keepalives interval 10
set groups wiz_PPPoE_0 interfaces pp0 unit 0 family inet negotiate-address
set groups wiz_PPPoE_0 interfaces ge-0/0/0 unit 0 encapsulation ppp-over-ether
set groups wiz_PPPoE_0 routing-options static route 0.0.0.0/0 qualified-next-hop pp0.0 metric 1
set groups wiz_PPPoE_0 security zones security-zone untrust interfaces pp0.0

Regards,
A'bed AL-R.
[JNCSP-SEC JNCDA JNCIS-ENT Ingenious Champion|Sec]
https://srxtech.wordpress.com
Highlighted
SRX Services Gateway

Re: PPPOE Question

‎08-26-2015 11:10 PM

I do not really understand what ou mean

 

 

Feedback