Re: ISDN - ppp authentication chap

From: jaime.salazar@xxxxxxxxxx
Date: Wed Jan 12 2000 - 15:11:50 GMT-3

• Next message: jaime.salazar@xxxxxxxxxx: "Re: ISDN - ppp authentication chap"
• Previous message: Muralidhar Devarasetty: "Re: IP OSPF Demand Circuit"
• Maybe in reply to: rodrigo.kazuo@xxxxxxxxxx: "ISDN - ppp authentication chap"
• Next in thread: jaime.salazar@xxxxxxxxxx: "Re: ISDN - ppp authentication chap"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Denny

     I can't see ppp authentication chap callin on R1 on your configs.

Jaime

Denton Bobeldyk <denny@kentwoodps.org> on 12/01/2000 10:55:25 AM

Please respond to Denton Bobeldyk <denny@kentwoodps.org>

To: Jaime Salazar/Mexico/AMERICAS/Equant@Equant
cc: Rodrigo Kazuo/Brazil/AMERICAS/Equant@Equant, ccielab@groupstudy.com

Subject: Re: ISDN - ppp authentication chap

Hmm... I wasn't exactly sure how the 'callin' parameter was supposed to work,
but I found this worked just fine for me:
(Criteria: Only R3 may challenge R1)

R3 ---- R1

R3:
username R1 password 0 foo

interface Serial3
 no ip address
 encapsulation ppp
 clockrate 2000000
 ppp authentication chap
!

R1:
interface Serial0
 no ip address
 encapsulation ppp
 ppp chap hostname R1
 ppp chap password 7 00021C09
!

I then did the following:
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int s3
R3(config-if)#shut
R3(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3, changed state to down
%LINK-5-CHANGED: Interface Serial3, changed state to administratively down
R3(config-if)#no shut
R3(config-if)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
%LINK-3-UPDOWN: Interface Serial3, changed state to up
Se3 PPP: Treating connection as a dedicated line
Se3 PPP: Phase is AUTHENTICATING, by this end
Se3 CHAP: O CHALLENGE id 4 len 23 from "R3"
Se3 CHAP: I RESPONSE id 4 len 23 from "R1"
Se3 CHAP: O SUCCESS id 4 len 4
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3, changed state to up
R3#sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID
R1 Ser 3 167 R 2500 Ser 0
R3#

Which appears to work fine. Anybody know advantages/disadvantages of this
approach
vs. the 'callin'.

-Denny

jaime.salazar@equant.com wrote:

> use ppp authentication chap callin command. use debug ppp authentication to
> compare the results.
>
> rodrigo.kazuo@equant.com on 12/01/2000 07:32:03 AM
>
> Please respond to rodrigo.kazuo@equant.com
>
> To: ccielab@groupstudy.com
> cc: (bcc: Jaime Salazar/Mexico/AMERICAS/Equant)
>
> Subject: ISDN - ppp authentication chap
>
> Is there a way to config ppp authentication chap but router must not
> sending "challenge" to the other side?!
>
> Rgds.
>

• Next message: jaime.salazar@xxxxxxxxxx: "Re: ISDN - ppp authentication chap"
• Previous message: Muralidhar Devarasetty: "Re: IP OSPF Demand Circuit"
• Maybe in reply to: rodrigo.kazuo@xxxxxxxxxx: "ISDN - ppp authentication chap"
• Next in thread: jaime.salazar@xxxxxxxxxx: "Re: ISDN - ppp authentication chap"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:22:44 GMT-3