From: DAN DORTON (DHSTS68@xxxxxxxxxxxxxxx)
Date: Wed Feb 13 2002 - 13:27:18 GMT-3
This is straight from your link:
When using the ppp authentication command with the callin keyword, the
Access Server will only authenticate the remote device if the remote
device initiated the call (for example, if the remote device "called
in"). In this case, authentication is specified on incoming (received)
calls only.
Unfortunately this is my issue.
If both sides need dialer maps (Including maps to their own
interfaces.). IE: Every interface must be pingable from every router.
Then it IS possible that the called party might be the side you have
callin set on.
This means that it CAN authenticate chap. Correct?
Then the rules also state that one side must NEVER be able to
authenticate chap.
So if you do have dialer maps on both sides & have callin specified on
the side that you do not want to authenticate then in theory that side
could authenticate if it is called.
So what do you do in this situation?
I configured ppp authentication chap on one side & not on the other,
but still added the username & password of the other router on each
side.
It appeared that it worked, but I have no idea which way CISCO wants
it!!!!
ARGH!!!! HELP PLEASE!!!!
Thanks,
Dan
>>> "fwells12" <fwells12@hotmail.com> 02/13/02 10:15AM >>>
http://www.cisco.com/warp/customer/131/ppp_callin_hostname.html
----- Original Message -----
From: "DAN DORTON" <DHSTS68@dhs.state.il.us>
To: <ccielab@groupstudy.com>
Sent: Wednesday, February 13, 2002 6:05 AM
Subject: PPP Authentication one way.
> Can anyone give me the difinitive answer on how to set this up?
>
> I have seen many things in practice labs & on this board, but I want
to
> know the proper way.
>
> One side never authenticates, but dialer maps need to be placed on
both
> sides.
>
> Thanks,
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 13:46:21 GMT-3