How to configure Cisco ASA for PPPOE and Static Address from AT+T

Posted on 2011-10-27
Last Modified: 2012-05-12
I am trying to configure a Cisco ASA 5505 with static addresses that I got from AT+T.  Problem is that I have to include the pppoe information as well per AT+T.  I found the following on EE but is was for code 7.2.  I am running code 8.4.2

ASA Version 7.2(2)
hostname ExampleASA5505
enable password LongComplexPassword
route outside 99.x.x.158
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 pppoe client vpdn group Examplegroup
 ip address pppoe setroute
 ip address 99.x.x.157 pppoe
interface Ethernet0/0
 switchport access vlan 2
 speed 10
 duplex full
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
passwd *
boot system disk0:/asa722-k8.bin
ftp mode passive
dns domain-lookup inside
dns server-group DefaultDNS
access-list OutsideAllowedIn extended permit icmp any any
access-list Inside_nat0_outbound extended permit ip 99.x.x.155
pager lines 24
logging console errors
logging buffered informational
logging history notifications
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool ATTIPS 99.x.x.153-99.x.x.156
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm522.bin
no asdm history enable
arp timeout 14400
global (outside) 1 99.x.x.153
nat (inside) 0 access-list Inside_nat0_outbound
nat (inside) 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
aaa-server vpn protocol radius
aaa-server vpn host
 key popchart1234
group-policy Exampleremote internal
group-policy Exampleremote attributes
 dns-server value
 vpn-tunnel-protocol IPSec
 ipsec-udp enable
 ipsec-udp-port 10000
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value Exampleremote_splitTunnelAcl
 default-domain value
same-security-traffic permit intra-interface
http server enable
http inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh inside
ssh timeout 25
console timeout 0
vpdn group Examplegroup request dialout pppoe
vpdn group Examplegroup localname
vpdn group Examplegroup ppp authentication chap
vpdn username password cisco5505 store-local
dhcpd auto_config outside
class-map inspection_default
 match default-inspection-traffic
policy-map global_policy
 class inspection_default
  inspect pptp
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
  inspect dns
prompt hostname context

I was not able to get the following command in the ASA
ip address pppoe setroute
 ip address 72.149.X.X pppoe_group
 but was able to get
ip address 72.149.X.X pppoe setroute
to go in.  Does this line in essence combine the two and will it really work?
Question by:brian_appliedcpu
    LVL 35

    Accepted Solution

    It should be something like:  ip address ipaddress mask pppoe
    Have a look at: that for 8.3 but should also work on 8.4
    LVL 17

    Expert Comment

    Or, to keep it easier, use ASDM to enter the information ... switch the interface to PPPoE and just fill in the form ...

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
    This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now