PIX515E设置ADSL拨号的方法：

以下命令在8.0版本IOS下测试通过，较老版本IOS命令可能有差异。

pix(config)#vpdn group ChengDu request dialout pppoe  
   //为ADSL拨号创建虚拟专用拨号网络组(VPDN Group),ChengDu为组名,随便填你自己喜欢的

pix(config)#vpdn group ChengDu localname (ADSL账号名)
pix(config)#vpdn group ChengDu ppp authentication pap/chap //启用验证方式
pix(config)#vpdn username (ADSL账号名) password (账号密码)   //就是ISP给你的帐号和密码

------以下是启用PPPoE会话命令------
进入外网接口：
pix515E(config)# int e0
pix515E(config-if)# ip add pppoe setroute //启动拨号，如果没有配默认路由，则必须加上

附件中是一篇从百度文库上摘抄的配置文档可供参考

ASA5505# show run

: Saved

:

ASA Version 7.2(2)

!

hostname ASA5505

enable password 9jNfZuG3TC5tCVH0 encrypted

names

!

interface Vlan1

 nameif inside

 security-level 100

 ipaddress 192.168.1.1 255.255.255.0

!

interface Vlan2                                               

 nameif ADSL//定义接口的名字

 security-level 0//定义接口的安全级别

 pppoe client vpdn group adsl//定义pppoe客户端的组的名字

 ip address pppoe setroute//定义IP地址的类型

!

interface Ethernet0/0

 switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

 shutdown

!

interface Ethernet0/3

 shutdown

!

interface Ethernet0/4

 shutdown

!

interface Ethernet0/5

 shutdown

!

interface Ethernet0/6

 shutdown

!

interface Ethernet0/7

 shutdown

!

passwd 2KFQnbNIdI.2KYOU encrypted

ftp mode passive

clock timezone GMT 8

pager lines 24

logging enable

logging monitor emergencies

logging buffered debugging

mtu inside 1500

mtu ADSL 1500

icmp unreachable rate-limit 1 burst-size 1

icmp permit any inside

asdm image disk0:/asdm-523.bin

no asdm history enable

arp timeout 14400

nat-control

global (ADSL) 1 interface//定义全局转换地址

nat (inside) 1 0.0.0.00.0.0.0//定义内部转换地址

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h2251:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

username gefangliang password.Xk/Clh/p4BiEWeV encrypted

aaa authentication ssh console LOCAL

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authenticationlinkup linkdown coldstart

crypto ipsec transform-set myset esp-desesp-md5-hmac

crypto map newmap 10 match address 102

crypto map newmap 10 set peer 58.56.11.90

crypto map newmap 10 set transform-setmyset

crypto map newmap 10 set reverse-route

crypto isakmp policy 10

 authentication pre-share

 encryption des

 hashmd5

 group 2

 lifetime 3600

tunnel-group DefaultL2LGroupipsec-attributes

 pre-shared-key *

telnet 0.0.0.00.0.0.0 inside

telnet timeout 5

ssh 0.0.0.00.0.0.0 ADSL//在外出口上启用SSH连接

ssh timeout 5

console timeout 0

vpdn group adsl requestdialout pppoe

vpdn group adsl localname053201359805@adsla

vpdn group adsl pppauthentication pap

vpdn username053201359805@adsla password ********* store-local//定义拨号上网的用户名和密码

dhcpd dns 219.146.0.130

!

 

!

class-map inspection_default

 match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

 parameters

 message-length maximum 512

policy-map global_policy

 class inspection_default

 inspect dns preset_dns_map

 inspect ftp

 inspect h323 h225

 inspect h323 ras

 inspect netbios

 inspect rsh

 inspect rtsp

 inspect skinny

 inspect esmtp

 inspect sqlnet

 inspect sunrpc

 inspect tftp

 inspect sip

 inspect xdmcp

 inspect icmp

!

service-policy global_policy global

prompt hostname context

Cryptochecksum:0ff91c11339fc14d254c49dfa1a91b3b

: end

ASA5505#

ASA5505#

ASA5505#

本文转自 qq8658868 51CTO博客，原文链接：http://blog.51cto.com/hujizhou/1186347，如需转载请自行联系原作者