Juniper pppoe 简单拨号上网

1.PPPoE配置
set pppoe interface eth4
ser pppoe username xxxx password xxxx
set flow tcp-mss 1420

2.set interface lo.1 nat


Juniper SRX防火墙
CHAP配置
set interfaces g0/0/0.0 encapsulation ppp-over-ether
set interfaces pp0.0 ppp-option chap default-chap-secret xxxxx
set interfaces pp0.0 ppp-option chap local-name xxxxx
set interfaces pp0.0 ppp-option chap passive

PAP

set interfaces pp0.0 ppp-options pap default-password xxxxx
set interfaces pp0.0 ppp-options pap local-name xxxxx
set interfaces pp0.0 ppp-options pap local-password xxxxx
set interfaces pp0.0 ppp-options pap passive

pppoe参数设置
set interfaces pp0.0 pppoe-options underlying-interface ge-0/0/0.0
set interfaces pp0.0 pppoe-options idle-timeout 0
set interfaces pp0.0 pppoe-options auto-reconnect 3
set interfaces pp0.0 pppoe-options client
set interfaces pp0.0 family inet mtu 1492
set interfaces pp0.0 family inet negotiate-address

计入untrust zone
edit security zones security-zone untrust
set interfaces pp0.0 host-inbound-traffic system-services ping

定义默认路由和NAT
set routing-options static route 0/0 next-hop pp0.0


edit security nat source rule-set access-internet
set from zone trust
set to zone untrust
edit rule 1


set match source-address 192.168.1.0/24
set then source-nat interface