From: Jack Reynolds (jacreyno@xxxxxxxxx)
Date: Sun Jan 28 2001 - 16:42:54 GMT-3
OK, I got this working, but here is what I had to do... Both R3 and R5 are
running 12.0(9). I had to get rid of my dialer profiles and go BACK to
dialer maps on the physical bri's. This is the only way PAP auth would
work.
Thanks for all the replies. Has anyone else see this problem?
JR
-----Original Message-----
From: Jack Reynolds [mailto:jacreyno@cisco.com]
Sent: Sunday, January 28, 2001 10:46 AM
To: Kyle Galusha; Bernard Dunn
Subject: RE: ISDN PAP
Tried it, but still no worky.
-----Original Message-----
From: Kyle Galusha [mailto:kgalusha@cisco.com]
Sent: Sunday, January 28, 2001 10:48 AM
To: Bernard Dunn; Jack Reynolds
Subject: RE: ISDN PAP
found it. ppp pap sent-username.
Thanks,
Kyle
At 05:15 AM 1/29/2001 +1100, Bernard Dunn wrote:
>
>
>int dialer0
>
>ppp sent-username xxx password yyy
>ppp authen pap
>
>
>On Sun, 28 Jan 2001, Jack Reynolds wrote:
>
>> Hi,
>>
>> I am using dialer interfaces with ppp auth pap (this command also
appears on
>> bri physical)
>>
>> I made sure that each router had a username for the other router's
dialer
>> remote-name. Both passwords set to cisco.
>>
>>
>> When I do Chap on this, it works fine. Hmmm....
>>
>> R5 (calling router)
>>
>> username R3 password 0 cisco
>>
>> interface BRI0
>> no ip address
>> no ip directed-broadcast
>> encapsulation ppp
>> dialer pool-member 1
>> isdn switch-type basic-ni
>> isdn spid1 0835866201 8358662
>> isdn spid2 0835866401 8358664
>> ppp authentication chap
>> !
>> interface Dialer0
>> ip address 137.10.254.2 255.255.255.252
>> no ip directed-broadcast
>> encapsulation ppp
>> ip ospf interface-retry 0
>> ip ospf demand-circuit
>> dialer remote-name R3
>> dialer idle-timeout 60
>> dialer string 8358661
>> dialer pool 1
>> dialer-group 1
>> ppp authentication chap
>>
>> dialer-list 1 protocol ip permit
>>
>>
>>
>> R3 (called router)
>>
>> username R5 password 0 cisco
>>
>> interface BRI0
>> no ip address
>> no ip directed-broadcast
>> encapsulation ppp
>> dialer pool-member 1
>> isdn switch-type basic-ni
>> isdn spid1 0835866101 8358661
>> isdn spid2 0835866301 8358663
>> ppp authentication chap
>> !
>> interface Dialer0
>> ip address 137.10.254.1 255.255.255.252
>> no ip directed-broadcast
>> ip pim sparse-mode
>> encapsulation ppp
>> ip ospf interface-retry 0
>> ip ospf demand-circuit
>> dialer remote-name R5
>> dialer idle-timeout 60
>> dialer pool 1
>> dialer-group 1
>> ppp authentication chap
>>
>> dialer-list 1 protocol ip permit
>>
>> Now I substitute CHAP for PAP, and here is the debug ppp packet on R5:
>>
>> 13:54:45: BR0:1 LCP: AuthProto PAP (0x0304C023)
>> 13:54:45: BR0:1 LCP: MagicNumber 0x0CF7A525 (0x05060CF7A525)
>> 13:54:45: BR0:1 PPP: I pkt type 0xC021, datagramsize 12
>> 13:54:45: BR0:1 LCP: O CONFNAK [REQsent] id 54 len 9
>> 13:54:45: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
>> 13:54:45: BR0:1 LCP: I CONFREJ [REQsent] id 48 len 8
>> 13:54:45: BR0:1 LCP: AuthProto PAP (0x0304C023)
>> 13:54:45: BR0:1 LCP: O CONFREQ [REQsent] id 49 len 14
>> 13:54
>> :45: BR0:1 PPP: I pkt type 0xC021, datagramsize 18
>> 13:54:45: BR0:1 LCP: AuthProto PAP (0x0304C023)
>> 13:54:45: BR0:1 LCP: MagicNumber 0x03088F46 (0x050603088F46)
>> 13:54:45: BR0:1 LCP: I CONFREQ [REQsent] id 55 len 14
>> 13:54:45: BR0:1 LCP: AuthProto PAP (0x0304C023)
>> 13:54:45: BR0:1 LCP: MagicNumber 0x0CF7A525 (0x05060CF7A525)
>> 13:54:45: BR0:1 PPP: I pkt type 0xC021, datagramsize 12
>> 13:54:45: BR0:1 LCP: O CONFNAK [REQsent] id 55 len 9
>> 13:54:45: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
>>
>>
>> Here is deb ppp auth on R5:
>>
>> 13:56:55: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
>> 13:56:57: %LINK-3-UPDOWN: Interface Dialer0, changed state to up
>> 13:57:05: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
>> 13:57:05: %DIALER-6-BIND: Interface BR0:1 bound to profile Di0
>> 13:57:05: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358661
>> 13:57:05: BR0:1 PPP: Treating connection as a callout
>> 13:57:05: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di0
>> 13:57:05: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
>> 13:57:15: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
>> 13:57:15: %DIALER-6-BIND: Interface BR0:1 bound to profile Di0
>> 13:57:15: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358661
>> 13:57:15: BR0:1 PPP: Treating connection as a callout
>> 13:57:15: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di0
>> 13:57:15: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
>> 13:57:25: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
>> 13:57:25: %DIALER-6-BIND: Interface BR0:1 bound to profile Di0
>> 13:57:25: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358661
>> 13:57:25: BR0:1 PPP: Treating connection as a callout
>> 13:57:25: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di0
>>
>>
>> Any help is greatly appreciated!
>>
>> JR
>>
>>
>>
>> -----Original Message-----
>> From: Kyle Galusha [mailto:kgalusha@cisco.com]
>> Sent: Sunday, January 28, 2001 9:37 AM
>> To: Jack Reynolds
>> Subject: Re: ISDN PAP
>>
>>
>> Hi Jack,
>> What is not working? Did you do a debug ppp auth? What did you see?
In
>> theory chap and pap should both work about the same except that pap
sends
>> the password in the clear and chap sends a hash, and not the clear text
>> password.
>> Kyle
>>
>>
>> >Our documentation CD (even Cisco internal info, from what I can find)
>> >appears to be lacking in ppp authentication pap info. I can get CHAP
>> >working all sorts of ways, but cannot even get pap working. Can
someone
>> >shed some light for me?
>> >
>> >Thanks!
>> >
>> >JR
>> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:46 GMT-3