PPPoE and ASA - Internet access


 - lan access configured

 - lan connected to ethernet0/1(vlan1)

 - configuration prepared for ASA 5505 but with small modification,especially on interfaces will work on ASA 5510



  • 1.create vpdn group


(config)#vpdn group Bellnet request dialout pppoe


  • 2. create username for PPPoE connetion(user will be local in that case)


(config)#vpdn group Bellnet localname pppoe-username@bellnet.ca

  • 3.set authentication type for Bellnet vpdn group


(config)#vpdn group Bellnet ppp authentication pap

  • 4.set password for user pppoe-username@bellnet.ca


(config)#vpdn username pppoe-username@bellnet.ca password *****

  • 5.create interface vlan and configure it to use PPPoE


(config)#interface vlan 4

(config-if)#nameif backup
(config-if)#security-level 0
 (config-if)#pppoe client vpdn group Bellnet
(config-if)#ip address pppoe setroute

(config-if)#no shutdown

  • 6.assign interface vlan 4 to physical interface on ASA,in my case Eth0/3


(config)# interface ethernet 0/3

(config-if)# switchport access vlan 4

  • 7.set mtu for backup to 1492


(config)#mtu backup 1492


  • 8.configure natting


(config)#nat (inside) 1 x.x.x.x x.x.x.x

(config)#global (backup) 1 interface

x.x.x.x x.x.x.x is lan

  • 9.configure access-list on external(backup) interface and on local(inside),on local if possible.


rules configure based on your own needs


  • 10.test it and save config



dzbanek 2012-11-09


This site uses cookies. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work.