Saturday, October 11, 2008

PPP authentication


R2 and R3 are connected using ppp encapsulation. The following post denotes the steps necessary to enable
i) PAP or clear text authentication.
&
ii) CHAP

First PAP

On R2 and R3 its necessary to first configure the username and passwords.

R2
config#username R3 password CISCO

R3
config#username R2 password CISCO

Under the serial interfaces enable pap authentication.

on R2 and R3
config-if#ppp authentication pap

Under the serial interfaces configure the pap username and password to be sent to the remote router

R2
config-if#ppp pap sent-username R2 password CISCO

R3
config-if#ppp pap sent-username R3 password CISCO

For verification enable debub ppp authentication

For chap authentication the task list is actually shorter. The same as above except 'ppp authentication chap' under the interface and the last step does not apply!

Again debug ppp authentication denotes success or failure!

*Oct 11 11:26:36.762: Se2/1 PPP: Authorization required
*Oct 11 11:26:36.846: Se2/1 CHAP: O CHALLENGE id 2 len 28 from "Rack1R2"
*Oct 11 11:26:36.902: Se2/1 CHAP: I CHALLENGE id 3 len 28 from "Rack1R3"
*Oct 11 11:26:36.910: Se2/1 CHAP: Using hostname from unknown source
*Oct 11 11:26:36.910: Se2/1 CHAP: Using password from AAA
*Oct 11 11:26:36.914: Se2/1 CHAP: O RESPONSE id 3 len 28 from "Rack1R2"
*Oct 11 11:26:36.974: Se2/1 CHAP: I RESPONSE id 2 len 28 from "Rack1R3"
*Oct 11 11:26:36.974: Se2/1 PPP: Sent CHAP LOGIN Request
*Oct 11 11:26:36.974: Se2/1 PPP: Received LOGIN Response PASS
*Oct 11 11:26:36.974: Se2/1 CHAP: I SUCCESS id 3 len 4
Rack1R2(config-if)#
*Oct 11 11:26:36.978: Se2/1 PPP: Sent LCP AUTHOR Request
*Oct 11 11:26:36.982: Se2/1 PPP: Sent IPCP AUTHOR Request
*Oct 11 11:26:36.990: Se2/1 LCP: Received AAA AUTHOR Response PASS
*Oct 11 11:26:36.994: Se2/1 IPCP: Received AAA AUTHOR Response PASS
*Oct 11 11:26:36.994: Se2/1 CHAP: O SUCCESS id 2 len 4
*Oct 11 11:26:37.002: Se2/1 PPP: Sent CDPCP AUTHOR Request
*Oct 11 11:26:37.010: Se2/1 CDPCP: Received AAA AUTHOR Response PASS
*Oct 11 11:26:37.066: Se2/1 PPP: Sent IPCP AUTHOR Request
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)