Cisco PPPoE Server Configuration Example

PPP (Point to Point Protocol) was originally used on serial interfaces for point-to-point interfaces. In the 90s, PPP was also commonly used for internet dial-up connections. One of the advantages of PPP is that you can use it to assign an IP address to the other end. The most important advantage, however, is that you can use CHAP authentication. This allows an ISP to check the username/password of a remote user.

Around the year 2000, we got DSL and cable Internet connections, and ISPs wanted to keep using PPP. The issue, though is that computers and routers are connected to a DSL/cable modem using Ethernet, so it wasn’t possible to use PPP from your computer or router as it had to travel over an Ethernet link. To fix this problem, a new RFC was created for PPPoE (PPP over Ethernet). It allows us to encapsulate PPP into Ethernet frames.

In this lesson, I’ll show you how to configure a PPPoE server and PPPoE client.


We will use the following two routers:

pppoe topology client server

We only need two routers…a client and a server. Let’s configure the server first.


There are quite some commands required to configure PPPoE. I’ll walk you through the configuration step-by-step.

PPPoE requires a BBA (BroadBand Access) group, which is used to establish PPPoE sessions. This is where you can configure session limitations per client and such. You can create multiple BBA groups or use the global BBA group:

Server(config)#bba-group pppoe global
Server(config-bba-group)#virtual-template 1

I’m not going to configure any session limitations, but I do have to refer to a virtual template. The virtual template is where we configure the IP address and some other PPP-related settings:

Server(config)#interface virtual-template 1
Server(config-if)#ip address
Server(config-if)#mtu 1492
Server(config-if)#peer default ip address pool CLIENT
Server(config-if)#ppp authentication chap callin

This is where we configure the IP address for the server and we also have to set the MTU here. Since PPPoE adds another header (8 bytes) we have to reduce the MTU size to 1492. PPP allows us to assign an IP address to a client without using DHCP, which is what we will do here. We refer to a local pool called “CLIENT” that we will configure in a bit. Last but not least, when the client attempts to connect, we will authenticate the client.

Let’s configure the local pool:

Server(config)#ip local pool CLIENT

Whenever the client connects, it will receive IP address You can also use DHCP if you want some more options.

Don’t forget to create a username and password:

Server(config)#username CUSTOMER password CISCO

The last thing we have to do is to enable the BBA group on the interface that connects to the client:

Server(config)#interface GigabitEthernet 0/1
Server(config-if)#pppoe enable group global

That’s all you have to do on the server.  Let’s look at the client.


The configuration on the client side is a bit different. It requires a dialer interface. Dialer interfaces were originally used for dial-up connections. Nowadays, we use them as logical interfaces that can be bound to another interface. In our example, we will use a dialer interface to bind PPP to an Ethernet interface

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You’ve Ever Spent on Your Cisco Career!
  • Full Access to our 791 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

1624 Sign Ups in the last 30 days

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,

Forum Replies

  1. Never knew about ip local pool before. Very cool. Also, you don’t need to set the mtu on the VT interface since the VAccess that gets spawned will already account for the PPPoE overhead. The Dialer won’t though, and we do need mtu 1492 there.

  2. For non-static clients’ IPs we can use local pools or dhcp:

    ! ------ R2 Client
    interface Dialer0
     ip address dhcp
    ! or
    !ip address negotiated
    ! ------ R1 Server
    ip dhcp excluded-address
    ip dhcp pool PPPoE 
    ! or
    ! ip local pool PPPoE
    interface Virtual-Template1
     peer ip address forced 
     peer default ip address dhcp-pool PPPoE
    ! or
    !peer ip address forced
    !peer default ip address pool PPPoE

    The local pools differ from the DHCP in assigning /32 to the clients.
    The OSPF RFC says

    ... Continue reading in our forum

  3. Hi Rene,
    when I write “bba-group pppoe global” in global config mode, on generic or 2811 router, it shows:
    invalid input detected…! what’s the problem from?

  4. Hi Sarah,

    It’s probably because the IOS version on your 2811 doesn’t support this command. You might want to check that and perhaps upgrade the image.


  5. thanks, I tested it in packet tracer but it seems it has not been simulated in packet tracer.
    I’m just practicing. in a simple topology that I need, there is one switch in center and one 2811 and one linksys router connected to switch. can I use PPPOE on linksys to conennct to 2811? and if yes, how should I config the “2811”?

59 more replies! Ask a question or join the discussion by visiting our Community Forum