Re: CHAP callin problem

From: Carlos Patriawan (carlos@xxxxxxxxxx)
Date: Tue Apr 03 2001 - 12:32:24 GMT-3

• Next message: Marc Russell: "RE: OSPF On Demand Circuit & RIP redistrubition"
• Previous message: Markus Haas: "AW: Redistributing variably subnetted routes from OSPF into RIP (+default-route)"
• Maybe in reply to: tom cheung: "CHAP callin problem"
• Next in thread: Charles Johnson: "RE: CHAP callin problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
try play it with this kind of scenatio too :

ppp direction callin and/or
ppp direction callout

this is to supress "where the calls going" in IOS...

ppp auth "callin" is pretty much like modem calls connecting to NAS.

Carlos

Charles Johnson wrote:

> Tom,
> It is working the way you understand it should.
>
> "AUTHENTICATING, by the peer" means that the calling router is not demanding
> authentication. Its peer (the called router) is. If you remove the "ppp
> authentication" command from the called router, there will no authentication
> at all.
>
> - Charles Johnson
> CCIE #6878
>
> -----Original Message-----
> From: Michel GASPARD [mailto:mgaspard@cisco.com]
> Sent: Tuesday, April 03, 2001 1:35 PM
> To: tom cheung
> Cc: ccielab@groupstudy.com
> Subject: Re: CHAP callin problem
>
> Tom,
>
> According to
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/dial_
> r/drprt2/drppp.htm#xtocid1896063
>
> "
> callin (Optional) Specifies authentication on incoming (received)
> calls only.
> "
>
> Does it match?
>
> Regards,
>
> Michel
>
> tom cheung wrote:
> >
> > Group,
> > I'm testing with PPP authen chap callin and was unable to get it to work.
> > I'm under the impression that with this command, the calling router will
> not
> > send a challenge to the called router. And authentication is done by the
> > called router. But it is not behaving that way. Is my understanding how
> > "callin" works incorrect?
> >
> > Here's config for the calling router:
> > interface BRI0
> > no ip address
> > no ip directed-broadcast
> > encapsulation ppp
> > dialer pool-member 1
> > isdn switch-type basic-ni
> > isdn spid1 xxxxxxxxxxxxxx
> > isdn spid2 yyyyyyyyyyyyyy
> > ppp authentication chap callin
> > ppp multilink
> > !
> > interface Dialer1
> > ip address 152.3.65.2 255.255.255.252
> > no ip directed-broadcast
> > encapsulation ppp
> > dialer remote-name r5
> > dialer idle-timeout 45
> > dialer watch-disable 20
> > dialer string xxxxxxxxxx
> > dialer pool 1
> > dialer watch-group 1
> > dialer-group 1
> > ppp authentication chap callin
> > ppp multilink
> >
> > Debug output:
> > 20:32:58: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
> > 20:32:58: %DIALER-6-BIND: Interface BR0:1 bound to profile Di1
> > 20:32:58: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8173142121
> > 20:32:58: BR0:1 PPP: Treating connection as a callout
> > 20:32:58: BR0:1 CHAP: Using hostname r6 from interface Di1
> > 20:32:58: BR0:1 PPP: Phase is AUTHENTICATING, by the peer
> > 20:32:58: BR0:1 CHAP: I CHALLENGE id 44 len 23 from "r5"
> > 20:32:58: BR0:1 CHAP: Using hostname r6 from interface Di1
> > 20:32:58: BR0:1 CHAP: O RESPONSE id 44 len 23 from "r6"
> > 20:32:58: BR0:1 CHAP: I SUCCESS id 44 len 4
> > 20:32:58: %DIALER-6-BIND: Interface Vi1 bound to profile Di1
> > 20:32:58: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

• Next message: Marc Russell: "RE: OSPF On Demand Circuit & RIP redistrubition"
• Previous message: Markus Haas: "AW: Redistributing variably subnetted routes from OSPF into RIP (+default-route)"
• Maybe in reply to: tom cheung: "CHAP callin problem"
• Next in thread: Charles Johnson: "RE: CHAP callin problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:39 GMT-3