RE: PPP callback with one-way authentication

From: ying-chuan.c.chang@xxxxxxxxxxx
Date: Fri Nov 30 2001 - 17:07:33 GMT-3

• Next message: Jagannadha Tamvada: "Re: One Lab- Failed....My experience"
• Previous message: Williams, Glenn: "BGP Loc Pref"
• Maybe in reply to: Jason Graun: "PPP callback with one-way authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Maybe I don't know what exactly is ppp callback with one-way
authentication. If you only have callin at the client side, you are OK when
you call the server, but the server calls back, it will challenge the
client, and client will send another challenge to the server as well, this
can be monitored by debug ppp authentication. Is this still qualify as
one-way authentication? I don't know. Can some please clarify what exactly
is PPP callback with one-way authentication?

"Andrew Lennon" <alennon_uk@yahoo.com>@groupstudy.com on 11/30/2001
01:45:43 PM

Please respond to "Andrew Lennon" <alennon_uk@yahoo.com>

Sent by: nobody@groupstudy.com

To: "'Dennis #6'" <vacant@home.com>, "'Edward Buckner'"
      <ebuckner@vocaldata.com>, "''Ccielab'" <ccielab@groupstudy.com>
cc:
Subject: RE: PPP callback with one-way authentication

Use ppp auth chap callin with a class map on the dialer interface.

PPP Callback Server

interface bri 0
 ip address 10.1.1.7 255.255.255.0
 encapsulation ppp
 dialer callback-secure
 dialer enable-timeout 2
 dialer map ip 10.1.1.8 name atlanta class dial1 81012345678901
 dialer-group 1
 ppp callback accept
 ppp authentication chap
!
map-class dialer dial1
 dialer callback-server username

PPP Callback Client

interface bri 0
 ip address 10.1.1.8 255.255.255.0
 encapsulation ppp
 dialer map ip 10.1.1.7 name dallas 81012345678902
 dialer-group 1
 ppp callback request
 ppp authentication chap callin

Another option would be to use ISDN caller id, since technically only
the receiving end is authenticating (by received number). From the
original question at the bottom of this thread, it says authenticate and
use chap, not necessarily authenticate by chap!

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
fdial_c/fnsprt10/dafcalid.htm#xtocid1450417

and

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
fdial_c/fnsprt10/dafcbddr.htm

Regs,

Andy

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Dennis #6
Sent: 30 November 2001 17:13
To: Edward Buckner; 'Ccielab
Subject: RE: PPP callback with one-way authentication

Since the requirement said to use chap authentication I don't think
using
pap would be the solution. I would imagine callin is the solution...

Dennis

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Edward Buckner
Sent: Friday, November 30, 2001 11:00 AM
To: 'Ccielab
Subject: RE: PPP callback with one-way authentication

I know where this question came from due to taking the lab this past
Oct.
but believe me when I say this. This is not the solution (chap callin).
I
tried it myself. I think using PAP is the correct answer but if I knew
for
sure, I would be replying with a ccie number at the end of my name. But
I
don't want to go into to much detail and go against my NDA.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Jim Brown
Sent: Friday, November 30, 2001 9:27 AM
To: 'Jason Graun'; 'fwells12'; ccielab@groupstudy.com
Subject: RE: PPP callback with one-way authentication

ppp authentication chap callin

Just for curiosity sake, where did you see this requirement? I would be
interested in the material.

-----Original Message-----
From: Jason Graun [mailto:jgraun@theocc.com]
Sent: Friday, November 30, 2001 8:11 AM
To: 'fwells12'; ccielab@groupstudy.com
Subject: RE: PPP callback with one-way authentication

Dude, I did not see are you sure!!!???

-----Original Message-----
From: fwells12 [mailto:fwells12@hotmail.com]
Sent: Friday, November 30, 2001 1:08 AM
To: Jason Graun; ccielab@groupstudy.com
Subject: Re: PPP callback with one-way authentication

Dude, there was a thread on this either this morning or yesterday!

----- Original Message -----
From: "Jason Graun" <jgraun@theocc.com>
To: <ccielab@groupstudy.com>
Sent: Thursday, November 29, 2001 11:14 AM
Subject: PPP callback with one-way authentication

> Does any body know of any way to setup up ppp callback with chap so
that
> only one side of the connection authenticates the connection?
>
> Thanks
>
> Jason Graun CCNP CCDA MCSE
> Network Engineering

• Next message: Jagannadha Tamvada: "Re: One Lab- Failed....My experience"
• Previous message: Williams, Glenn: "BGP Loc Pref"
• Maybe in reply to: Jason Graun: "PPP callback with one-way authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:27 GMT-3