Parsing the PPPOE server setup process

Source: Internet
Author: User

Today, we will mainly explain how to set up a PPPOE server. As we all know, the development of networks is amazing. With the continuous evolution, both corporate and home access have entered a new era, the two most common access methods are ADSL Access and FTTx + LAN access. ADSL is an asymmetric digital user line, it is a type of virtual dialing through a common telephone line and adsl modem to a remote ISP's PPPOE server, and obtaining a dynamic IP address from the PPPOE server to access the Internet, the other FTTx + LAN access method is to connect the optical fiber to the central switch of a residential area. The users in the residential area do not need to use the adsl modem, but directly connect to the switch on the floor, perform virtual dialing to the PPPOE server of the remote ISP to access the Internet. This is what people often call residential broadband. In residential broadband, we can use the PPPOE verification defects to steal others' accounts and passwords.

First, let's take a look at the rough process of pppoe verification. You can search online ). If a client needs to authenticate with a remote PPPOE service, the PPPOE session consists of the discovery and PPP phases, when a client wants to start a PPPoE session, it must first identify the Ethernet MAC address of the peer and establish a PPPoE session ID. In the discovery phase, the network-based topology allows the client to discover multiple PPPoE servers. In addition, in the discovery phase, allow the client to find all the PPPoE servers, and then select one of them, but usually the one with the fastest response. Is this similar to the DHCP discovery process? When the discovery phase is completed successfully, the client and the PPPoE server it selected have their information for establishing PPP connections over Ethernet. The discovery phase remains stateless until the PPP session is established. Once a PPP session is established, both the client and the PPPoE server must allocate IP resources to the PPP Virtual Interface.

Because PPPOE verification does not have to be verified on the PPPOE server of China Telecom or China Netcom, it is used for identity verification by seeking for the nearest PPPOE server through broadcast. This is because, we can set up a PPPOE server locally, so in our community, users on the same vswitch may have to verify that my computer is on, I can easily get their account and password. Next I will use the routes and remote access functions of RASPPPOE_099 and windows server 2003 to implement a real PPPOE server.

To set up a PPPOE server, we need a software named RASPPPOE_99. It doesn't matter whether the software is decompressed to the desktop in advance ), this is a software that can set the local machine as a PPPOE server. First install the software, open the "local connection" attribute, click "Install", and then select "protocol ", then click "add", and then click "Install from disk", 1:

Select the directory where RASPPPOE_99 is located and click "OK". A select Network protocol dialog box is displayed. Select "ppp over Ethernet protocol" in the dialog box. 2:

Click "OK". After the installation is complete, a ppp over Ethernet protocol option will be added to the "local connection" attribute to confirm. 3:

Then, set the IP address 192.168.0.4 255.255.255.255.0 for the local machine, and set the DNS of China Telecom or China Netcom based on the current dial-up Internet access, can be queried using ipconfig/all in CMD). Other values are empty.

Here, our computer is already a PPPOE server, but we still need another feature, that is, the help of the Windows server 2003 Routing and Remote Access functions.

Open Administrative Tools, run the Routing and Remote Access snap-in, and right-click the XTAFLF-KYJX17IB local in the window) graph annotation: XTAFLF-KYJX17IB is the computer name ), select "configure and enable Routing and Remote Access", click "Next" in the installation wizard, select "Remote Access dialing or VPN)", and then "Next ", select "dialing" 4, "Next", and select "from a specified address range ".

"Next": Create an IP address in the range of 192.168.0.5-192.168.0.253. Click "Next" and select "no". Use Routing and Remote Access to authenticate the connection ", click "Next ".

Click "finish". A remote route access dialog box is displayed. Click "OK". The Routing and Remote Access are enabled here.

Right click XTAFLF-KYJX17IB local) Select properties, click Security and then click authentication method in front of Unencrypted Password PAP, remove all other hooks and click OK. 6.

Click "Remote Access Policy", right-click "connect to Microsoft route and remote access server" on the right, select "properties", and then select "Grant remote access permission ", then, click "Edit configuration file" to switch to "value verification". You only need to tick the value before "unencrypted authentication", and all others are empty. OK, switch to encryption, and select "no encryption" in it. 7:

A help topic will pop up. You can click "no", return to "Remote Access Policy", and right-click the "connection to other access servers" attribute, the setting is the same as that of "connecting to Microsoft route selection and remote access server. Click "remote access record", right-click "local file", and select attributes. All the three record options in the settings are checked. This way, the system automatically records the users currently dialing, the recorded files are stored IN c: \ windows \ system32 \ LogFiles \ named after IN time. NOTE: If no one is dialing at this time, the IN time name will not be generated. log, the content recorded in the file is only the dial-up account, to further listen to the password ).

This completes the setup of the PPPOE server.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.