From: Zeng Puyang (zbridge98@xxxxxxxxx)
Date: Wed May 09 2001 - 00:48:08 GMT-3
I think you must change the username password to be same. It looks like this pa
ssword will take prefer than the ppp chap password. Am I correct?
I used ppp chap password success in one way chap, without username password.
Good luck
Zeng
----- Original Message -----
From: "Grant W. Patten" <gpatten@lucent.com>
To: "Khalid Nafie" <knafie@ncr.com.kw>; "BootCamp" <ccielab@groupstudy.com>
Sent: Wednesday, May 09, 2001 2:59 AM
Subject: RE: CHAP Authentication
> That works just fine. Then is it fair to say definitively that CHAP only
> works when both sides are using the same password and it isn't possible to
> configure it with different passwords? If so, then why does the
> configuration require username/password to be configured for each remote peer
?
>
> Thanks,
> Grant
>
> At 08:41 PM 5/8/2001 +0300, Khalid Nafie wrote:
> >Hi Grant,
> > Try to use the same password for both usernames.
> >================================================
> >Yours,
> >Khaled Nafie
> >Network Engineer
> >Customer Services
> >MCSE,CCDP,CCNP VOCIE ACCESS
> >NCR Corporation, Kuwait
> >Mob.: +965-9872046
> >Tel : +965- 2412201, 2412203
> >Fax : +965-2413075
> >
> > > ----------
> > > From: Grant Patten[SMTP:gpatten@lucent.com]
> > > Reply To: Grant Patten
> > > Sent: Tuesday, May 08, 2001 8:12 PM
> > > To: 'ccielab@groupstudy.com'
> > > Subject: CHAP Authentication
> > >
> > > I'm struggling to get a good understanding of how exactly CHAP
> > > Authentication works. I think I'm missing something fundamental and
> > > hopefully one of you can help me out. Thanks.
> > >
> > > When I use the configuration below, I get the following debug messages:
> > >
> > > 1d15h: BR0:1 PPP: Treating connection as a callout
> > > 1d15h: BR0:1 PPP: Phase is AUTHENTICATING, by both
> > > 1d15h: BR0:1 CHAP: Using alternate hostname ISDN2
> > > 1d15h: BR0:1 CHAP: O CHALLENGE id 14 len 26 from "ISDN2"
> > > 1d15h: BR0:1 CHAP: I CHALLENGE id 14 len 26 from "ISDN1"
> > > 1d15h: BR0:1 CHAP: Using alternate hostname ISDN2
> > > .d15h: BR0:1 CHAP: O RESPONSE id 14 len 26 from "ISDN2"
> > > 1d15h: BR0:1 CHAP: I FAILURE id 14 len 25 msg is "MD/DES compare failed"
> > >
> > >
> > > Here is the relevant portions of the configs I'm using on R1 and R2. I
> > > changed the encrypted ppp chap password to what I actually set:
> > >
> > >
> > > R2
> > >
> > > hostname R2
> > > !
> > > !
> > > username ISDN1 password 0 CCIE
> > > !
> > > !
> > > interface BRI0
> > > ip address 147.10.1.2 255.255.255.0
> > > no ip directed-broadcast
> > > encapsulation ppp
> > > dialer map ip 147.10.1.1 name ISDN1 broadcast 8358661
> > > dialer-group 1
> > > isdn switch-type basic-ni
> > > isdn spid1 0835866201
> > > isdn spid2 0835866401
> > > ppp authentication chap
> > > ppp chap hostname ISDN2
> > > ppp chap password cisco
> > >
> > > R1
> > > hostname R1
> > > !
> > > !
> > > username ISDN2 password 0 cisco
> > > !
> > > interface BRI0
> > > ip address 147.10.1.1 255.255.255.0
> > > no ip directed-broadcast
> > > encapsulation ppp
> > > dialer map ip 147.10.1.2 name ISDN2 broadcast
> > > dialer-group 1
> > > isdn switch-type basic-ni
> > > isdn spid1 0835866101
> > > isdn spid2 0835866301
> > > ppp authentication chap
> > > ppp chap hostname ISDN1
> > > ppp chap password CCIE
> > > **Please read:http://www.groupstudy.com/list/posting.html
> **Please read:http://www.groupstudy.com/list/posting.html
|:"f
|g-J+~7&!"\"fv7,1+a6Zy
_rj(}J&
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:36 GMT-3