====== Настройка MPD5 + MikBILL ======
====== Описание ======
MPD5 представляет собой HiLoad сервер доступа для протоколов PPPoE/PPTP на базе FreeBSD
====== Настройка NAS ======
{{ :billing:nas_access_server:mpd5-nas.jpg?nolink& |}}
====== Пример конфига ======
192.168.0.2-mikbill
192.168.0.1-mpd5
cat /usr/local/etc/mpd5/mpd.conf
startup:
# configure mpd users
set user admin password admin
# configure the console
set radsrv peer 192.168.0.2 secret
set radsrv self 192.168.0.1 3799
set radsrv open
set console self 127.0.0.1 5005
set console open
# configure the web server
set web self 0.0.0.0 5006
set web open
default:
load pptp_server
load pppoe_server
pptp_server:
create bundle template C
set iface idle 1800
set iface enable tcpmssfix
set ipcp yes vjcomp
set ipcp ranges 172.20.20.20/32 ippool pool1
set ipcp dns 192.168.200.253 8.8.4.4
set bundle enable compression
set iface enable nat
create link template L pptp
set link action bundle C
# set link enable multilink
set link yes acfcomp protocomp
set link no eap
set link yes chap-msv1
set link yes chap-msv2
set link yes chap-md5
set link enable chap pap chap-msv2 chap-msv1
set link enable
set link keep-alive 30 120
set link mtu 1500
set link mru 1500
set link enable peer-as-calling
set pptp self 0.0.0.0
load server_common
pppoe_server:
create bundle template B
set iface idle 1800
set iface enable tcpmssfix
set ipcp no vjcomp
set ipcp ranges 172.25.25.25/32 ippool pool1
set ipcp dns 192.168.200.253 8.8.4.4
set bundle enable compression
create link template common pppoe
set link mtu 1500
set link mru 1500
set link enable multilink
set link action bundle B
set link no eap
set link no chap-msv1
set link no chap-msv2
set link no chap-md5
set link enable chap pap
set link enable
set link yes acfcomp protocomp
set link enable report-mac
load server_common
set pppoe service "*"
create link template em2 common
set pppoe iface em2
set link enable incoming
create link template em3 common
set pppoe iface em3
set link enable incoming
create link template vlan65 common
set pppoe iface vlan65
set link enable incoming
server_common:
set link no eap
set link yes chap-md5
set link keep-alive 30 120
set link enable incoming
set link no acfcomp protocomp
load radius
radius:
set radius config /usr/local/etc/mpd5/radius.conf
set radius retries 3
set radius timeout 600
set radius me 192.168.0.2
set radius identifier BSD
set auth acct-update 300
set auth enable radius-auth
set auth enable radius-acct
set radius enable message-authentic
# cat /usr/local/etc/mpd5/radius.conf
auth 192.168.0.2:1812 secret 1813
acct 192.168.0.2:1813 secret 1812 1813