The next procedure shows how to restrict an interface to a group of PPPoE clients. Before performing this task, you need to obtain the real Ethernet MAC addresses of the clients you are assigning to the interface.
Using the example that is shown in Example of a Configuration for a PPPoE Tunnel, these steps show how to reserve one of dslserve's interfaces, hme1, for clients at MiddleCo.
Here is a sample entry for clients Red, Blue, and Yellow.
8:0:20:1:40:30 redether 8:0:20:1:40:10 yellowether 8:0:20:1:40:25 blueether
The sample assigns the symbolic names redether, yellowether, and blueether to the Ethernet addresses of clients Red, Yellow, and Blue. The assignment of symbolic names to the MAC addresses is optional.
In this file, device is the name of the device to be defined.
# cat /etc/ppp/pppoe.hme1 service internet pppd "name dslserve-hme1" clients redether,yellowether,blueether
dslserve-hme1 is the access server's name, which is used in matching entries in the pap-secrets file. The clients option restricts the use of interface hme1 to clients with the symbolic Ethernet names redether, yellowether, and blueether.
If you did not define symbolic names for client's MAC addresses in /etc/ethers, you can use the numeric addresses as arguments for the clients option. Wildcards are allowed.
For example, you can specify the numeric address clients 8:0:20:*:*:*. By using wildcards, all matching addresses in /etc/ethers are accepted.
Red dslserve-hme1 redpasswd * Blue dslserve-hme1 bluepasswd * Yellow dslserve-hme1 yellowpassd *
The entries are the PAP names and passwords of clients that are allowed to run PPP over dslserve's hme1 interface.
For more information about PAP authentication, see Configuring PAP Authentication.
The following list provides references to related information.
To learn more about PPPoE, see Creating PPPoE Tunnels for DSL Support.
To troubleshoot PPPoE and PPP problems, see Solving PPP-Related and PPPoE-Related Problems.
To configure a PPPoE client, see Setting Up the PPPoE Client.
To configure PAP authentication for a client, see Configuring PAP Authentication for Trusted Callers (Dial-out Machines).
To configure PAP authentication on a server, see Configuring PAP Authentication on the Dial-in Server.