Re: CHAP Authentication

From: Paul Crist (pcrist@xxxxxxxxxxx)
Date: Tue May 08 2001 - 15:08:06 GMT-3

• Next message: Grant W. Patten: "RE: CHAP Authentication"
• Previous message: Brittan Walker: "Home Lab"
• Maybe in reply to: Grant Patten: "CHAP Authentication"
• Next in thread: Grant W. Patten: "RE: CHAP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
The md/des failed refers to the password being incorrect...I looked at your
configuration and it looks ok...I would try to enter the password again.
You may have added a space at the end without knowing it. Here is the link
to cisco's website that refers to the problem.
http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/vpn_soln/l2fcase/l
2ftask1.htm#xtocid2893520

Paul Crist
----- Original Message -----
From: "Grant Patten" <gpatten@lucent.com>
To: <ccielab@groupstudy.com>
Sent: Tuesday, May 08, 2001 1:12 PM
Subject: CHAP Authentication

> I'm struggling to get a good understanding of how exactly CHAP
> Authentication works. I think I'm missing something fundamental and
> hopefully one of you can help me out. Thanks.
>
> When I use the configuration below, I get the following debug messages:
>
> 1d15h: BR0:1 PPP: Treating connection as a callout
> 1d15h: BR0:1 PPP: Phase is AUTHENTICATING, by both
> 1d15h: BR0:1 CHAP: Using alternate hostname ISDN2
> 1d15h: BR0:1 CHAP: O CHALLENGE id 14 len 26 from "ISDN2"
> 1d15h: BR0:1 CHAP: I CHALLENGE id 14 len 26 from "ISDN1"
> 1d15h: BR0:1 CHAP: Using alternate hostname ISDN2
> .d15h: BR0:1 CHAP: O RESPONSE id 14 len 26 from "ISDN2"
> 1d15h: BR0:1 CHAP: I FAILURE id 14 len 25 msg is "MD/DES compare failed"
>
>
> Here is the relevant portions of the configs I'm using on R1 and R2. I
> changed the encrypted ppp chap password to what I actually set:
>
>
> R2
>
> hostname R2
> !
> !
> username ISDN1 password 0 CCIE
> !
> !
> interface BRI0
> ip address 147.10.1.2 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> dialer map ip 147.10.1.1 name ISDN1 broadcast 8358661
> dialer-group 1
> isdn switch-type basic-ni
> isdn spid1 0835866201
> isdn spid2 0835866401
> ppp authentication chap
> ppp chap hostname ISDN2
> ppp chap password cisco
>
> R1
> hostname R1
> !
> !
> username ISDN2 password 0 cisco
> !
> interface BRI0
> ip address 147.10.1.1 255.255.255.0
> no ip directed-broadcast
> encapsulation ppp
> dialer map ip 147.10.1.2 name ISDN2 broadcast
> dialer-group 1
> isdn switch-type basic-ni
> isdn spid1 0835866101
> isdn spid2 0835866301
> ppp authentication chap
> ppp chap hostname ISDN1
> ppp chap password CCIE
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: Grant W. Patten: "RE: CHAP Authentication"
• Previous message: Brittan Walker: "Home Lab"
• Maybe in reply to: Grant Patten: "CHAP Authentication"
• Next in thread: Grant W. Patten: "RE: CHAP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:36 GMT-3