RE: PAP Authentication

From: Matt Holbert (mholbert@xxxxxxxxxxx)
Date: Fri Jul 07 2000 - 17:07:22 GMT-3

• Next message: Kevin Baumgartner: "Re: PAP Authentication"
• Previous message: Ron.Fuller@xxxxxx: "Re: RFC question..."
• Maybe in reply to: Bob Reed: "PAP Authentication"
• Next in thread: Kevin Baumgartner: "Re: PAP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
   With PAP, a username and password are sent in the clear. The
   authenticating router simply looks in a table for that username and
   password. If they are the same, access is granted.
   
   CHAP uses the "password" as the key for the hash algorithm. Thus, the
   password (key) must be the same on both ends. It works like this.
   The authenticating side issues a challenge by sending a number. The
   side wanting access takes that number and performs a hash. The hashed
   value is transmitted back to the authenticating side. The
   authenticating side takes the original number transmitted and performs
   the same hash. If it gets the same hash value as was received, access
   is granted. For this to work, the keys (passwords) must be the same.
   
   -------------------------------------
   PAP configuration:
   
   R1:
   username R2 password cisco2
   
   int bri
      ppp auth pap
      ppp pap sent-username R1 password cisco1
   
   R2:
   username R1 password cisco1
   
   int bri 0
      ppp auth pap
      ppp pap sent-username R2 password cisco2
   ---------------------------------------
   
   PAP: Be sure the sent-username and password on one side matches the
   username and password on the other side.
   
   ---------------------------------------
   CHAP configuration:
   
   R1:
   username R1 password cisco
   
   int bri 0
      ppp auth chap
   
   R2:
   username R2 password cisco
   
   int bri 0
      ppp auth chap
   
   --------------------------------------
   
   Be sure the username on one side matches the router name on the other
   side. Be sure the passwords are the same on both sides.
   
   Matt
   
   -----Original Message-----
   From: Bob Reed [mailto:bobr@mmcable.com]
   Sent: Thursday, July 06, 2000 11:08 PM
   To: ccielab
   Subject: PAP Authentication
   
   I realized tonight that I have never configured PPP with PAP, always
   CHAP.
   
   
   
   I can configure ISDN with PPP CHAP with no problem. But I'm missing
   something when trying to use PAP. If I just change 'ppp auth chap' to
   'ppp auth pap', the line bounces up/down each try. Debug ppp auth show
   nothing.
   
   
   
   Any ideas what I'm missing. I'm sure it's simple.
   
   
   
   
   
   TIA,
   
   Bob

• Next message: Kevin Baumgartner: "Re: PAP Authentication"
• Previous message: Ron.Fuller@xxxxxx: "Re: RFC question..."
• Maybe in reply to: Bob Reed: "PAP Authentication"
• Next in thread: Kevin Baumgartner: "Re: PAP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:53 GMT-3