Huawei router PPPoE and NAT

The topology diagram is as follows. The PC obtains its address through DHCP and accesses AR2 through NAT.

Switch configuration

[Huawei]sys sw1

[sw1]un in en

Info: Information center is disabled.

[sw1]vlan ba 10 20

Info: This operation may take a few seconds. Please wait for a moment...done.

[sw1]int e0/0/1

[sw1-Ethernet0/0/1]po link ac

[sw1-Ethernet0/0/1]po de vlan 10

[sw1-Ethernet0/0/1]int e0/0/2

[sw1-Ethernet0/0/2]po link ac

[sw1-Ethernet0/0/2]po de vlan 20

[sw1-Ethernet0/0/2]int e0/0/3

[sw1-Ethernet0/0/3]po link tr

[sw1-Ethernet0/0/3]po tr al vlan 10 20

PPPoE client configuration

[Huawei]sys pppoe-client

[pppoe-client]un in en

Info: Information center is disabled.

[pppoe-client]dhcp en

[pppoe-client]int g0/0/1.10

[pppoe-client-GigabitEthernet0/0/1.10]ip ad 192.168.10.254 24

[pppoe-client-GigabitEthernet0/0/1.10]do te vid 10

[pppoe-client-GigabitEthernet0/0/1.10]a b e

[pppoe-client-GigabitEthernet0/0/1.10]dhcp select interface

[pppoe-client-GigabitEthernet0/0/1.10]int g0/0/1.20

[pppoe-client-GigabitEthernet0/0/1.20]ip ad 192.168.20.254 24

[pppoe-client-GigabitEthernet0/0/1.20]do te vid 20

[pppoe-client-GigabitEthernet0/0/1.20]a b e

[pppoe-client-GigabitEthernet0/0/1.20]dhcp select interface

[pppoe-client-GigabitEthernet0/0/1.20]q

ACL matching the traffic of interest for NAT

[pppoe-client]acl 2000

[pppoe-client-acl-basic-2000]ru pe so 192.168.10.0 0.0.0.255

[pppoe-client-acl-basic-2000]ru pe so 192.168.20.0 0.0.0.255

[pppoe-client-acl-basic-2000]q

The name of the dialer interface is arbitrary. The bundle and group numbers range from 1 to 254 and are bound to the dialer interface.

[pppoe-client]interface Dialer1

[pppoe-client-Dialer1] link-protocol ppp

[pppoe-client-Dialer1] ppp chap user huawei

[pppoe-client-Dialer1] ppp chap password cipher huawei

[pppoe-client-Dialer1] ip address ppp-negotiate

[pppoe-client-Dialer1] dialer user huawei

[pppoe-client-Dialer1] dialer bundle 1

[pppoe-client-Dialer1] dialer-group 1

[pppoe-client-Dialer1]q

[pppoe-client]interface GigabitEthernet0/0/0

The number 1 configured under the physical interface is the bundle number set on the dialer interface.

[pppoe-client-GigabitEthernet0/0/0] pppoe-client dial-bundle-number 1 on-demand

[pppoe-client-GigabitEthernet0/0/0] mtu 1492

[pppoe-client-GigabitEthernet0/0/0]q

Dialer rule defining which addresses are allowed to trigger dialing; everything can be permitted, or the rule can be detailed.

[pppoe-client]dialer-rule

[pppoe-client-dialer-rule] dialer-rule 1 ip permit

[pppoe-client-dialer-rule]q

[pppoe-client]ip route-static 0.0.0.0 0.0.0.0 Dialer1

Configure NAT on the dialer interface

[pppoe-client]interface Dialer1

[pppoe-client-Dialer1]nat out 2000

PPPoE server-side settings

[Huawei]sys pppoe-server

[pppoe-server]un in en

Configure the address pool for dial-up clients

[pppoe-server]ip pool isp

[pppoe-server-ip-pool-isp] network 200.1.1.0 mask 255.255.255.0

[pppoe-server-ip-pool-isp] ga 200.1.1.2

[pppoe-server-ip-pool-isp]qu

[pppoe-server]dhcp en

Because CHAP authentication is used, you need to configure the user name, password and service type under AAA.

[pppoe-server]aaa

[pppoe-server-aaa] local-user huawei password cipher huawei

[pppoe-server-aaa] local-user huawei service-type ppp

Enter the configuration under the virtual template

[pppoe-server]interface Virtual-Template0

[pppoe-server-Virtual-Template0] ppp authentication-mode chap

[pppoe-server-Virtual-Template0] remote address pool isp

[pppoe-server-Virtual-Template0] ppp chap user huawei

[pppoe-server-Virtual-Template0] ip address 200.1.1.2 255.255.255.0

[pppoe-server-Virtual-Template0]q

[pppoe-server]interface GigabitEthernet0/0/0

[pppoe-server-GigabitEthernet0/0/0] pppoe-server bind Virtual-Template 0

[pppoe-server-GigabitEthernet0/0/0]q

Configure the return route

[pppoe-server]ip route-static 0.0.0.0 0.0.0.0 Virtual-Template0

Test

After the configuration is completed, the client dials to obtain the address.

The PC obtains its address through DHCP.

NAT test

Credentials in the packet capture

Finally, dialing requires authentication. This experiment uses CHAP. PAP is also available, and its configuration is similar.
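
To make the CHAP/PAP difference in the capture concrete, the following added example (not part of the original post) builds and parses the two authentication packets for the lab account, using the layouts from RFC 1334 (PAP) and RFC 1994 (CHAP), and shows the check the server performs. The function names, the identifiers 1 and 7, the random challenge and the challenge name "pppoe-server" are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

USER, SECRET = b"huawei", b"huawei"   # lab credentials from the configuration above

def pap_request(ident, user, password):
    """PAP Authenticate-Request: code 1, then length-prefixed peer-id and password."""
    data = bytes([len(user)]) + user + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def parse_pap(pkt):
    """What a capture shows for PAP: (peer-id, password), both in cleartext."""
    ulen = pkt[4]
    plen = pkt[5 + ulen]
    return pkt[5:5 + ulen], pkt[6 + ulen:6 + ulen + plen]

def chap_packet(code, ident, value, name):
    """CHAP Challenge (code 1) or Response (code 2): value-size, value, name."""
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(data)) + data

def parse_chap(pkt):
    """Return (code, ident, value, name); the Length field bounds the name."""
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    return code, ident, pkt[5:5 + pkt[4]], pkt[5 + pkt[4]:length]

def chap_digest(ident, secret, challenge):
    """Response value = MD5(identifier || secret || challenge value)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def client_respond(challenge_pkt, name, secret):
    """Client side: answer the challenge without sending the secret itself."""
    _, ident, challenge, _ = parse_chap(challenge_pkt)
    return chap_packet(2, ident, chap_digest(ident, secret, challenge), name)

def server_verify(challenge_pkt, response_pkt, secret):
    """Server side: recompute the digest from the stored secret and compare."""
    _, ident, challenge, _ = parse_chap(challenge_pkt)
    code, rid, value, _ = parse_chap(response_pkt)
    return code == 2 and rid == ident and hmac.compare_digest(
        value, chap_digest(ident, secret, challenge))

if __name__ == "__main__":
    print("PAP on the wire :", parse_pap(pap_request(1, USER, SECRET)))
    ch = chap_packet(1, 7, os.urandom(16), b"pppoe-server")  # constructed challenge
    rsp = client_respond(ch, USER, SECRET)
    print("CHAP on the wire:", parse_chap(rsp)[2].hex(), parse_chap(rsp)[3])
    print("server accepts  :", server_verify(ch, rsp, SECRET))
```

With PAP the capture contains the password itself, while with CHAP it contains only the user name, the challenge and a 16-byte digest. Because that digest is an MD5 over the shared secret, a production secret should be long and random rather than equal to the user name as in this lab.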

Origin blog.csdn.net/weixin_45650628/article/details/132646982