RE: Old stuff PPP Authentication

From: ying chang (ying_c@xxxxxxxxxxx)
Date: Wed Mar 27 2002 - 14:54:33 GMT-3

• Next message: Diment, Andrew: "RE: CAR vs traffic shapping"
• Previous message: John Mistichelli: "Re: CAR vs traffic shapping"
• Maybe in reply to: Giveortake@xxxxxxx: "Old stuff PPP Authentication"
• Next in thread: Gregg Malcolm: "Re: Old stuff PPP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Tarek,

ISDN works for me without authentication, with PAP, or CHAP. My problems are
having hard to keep the line down instead of bring it up in some test cases.
In rare cases, I lost ping packets, but normally the problem is fixed by
shut/no shut on int bri0. Which kind of PAP problems do you have? Just
curious. I'm using Teltone 2000 ISDN simulator.

Chang

>From: Tarek Sabry <tsabry@houston.sns.slb.com>
>Reply-To: Tarek Sabry <tsabry@houston.sns.slb.com>
>To: "'John Neiberger'" <neiby@ureach.com>, Giveortake@aol.com,
>ccielab@groupstudy.com
>Subject: RE: Old stuff PPP Authentication
>Date: Wed, 27 Mar 2002 11:09:52 -0600
>
>From my very recent experience I could ping just fine without
>authentication
>at all. I'm pasting my config for you. I am also including a ping from R6,
>then after bouncing the BRI on R5, a ping from R5. Both work.
>
>I even had legacy on one side and a dialer profile on the other.
>
>What I had lots of problems with is PPP PAP. Can someone confirm that PAP
>works fine???
>
>Thanks
>Tarek
>
>!
>hostname r5
>!
>!
>!
>interface BRI0
> ip address 20.0.0.5 255.0.0.0
> encapsulation ppp
> dialer map ip 20.0.0.6 name r6 broadcast 5552222
> dialer load-threshold 1 outbound
> dialer-group 1
> isdn switch-type basic-net3
> ppp multilink
>!
>access-list 101 deny igrp any any
>access-list 101 permit ip any any
>dialer-list 1 protocol ip list 101
>!
>
>----------------------------------------------------
>
>!
>hostname r6
>!
>!
>interface BRI0
> no ip address
> encapsulation ppp
> dialer pool-member 1
> isdn switch-type basic-net3
> ppp multilink
>!
>interface Dialer0
> ip address 20.0.0.6 255.0.0.0
> encapsulation ppp
> dialer pool 1
> dialer string 5551111
> dialer load-threshold 1 outbound
> dialer-group 1
> pulse-time 0
> ppp multilink
>!
>!
>access-list 101 deny igrp any any
>access-list 101 permit ip any any
>dialer-list 1 protocol ip list 101
>!
>
>-----------------------------------------------------
>
>r6#ping 20.0.0.5
>
>Type escape sequence to abort.
>Sending 5, 100-byte ICMP Echos to 20.0.0.5, timeout is 2 seconds:
>
>1d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
>1d03h: %DIALER-6-BIND: Interface BR0:1 bound to profile Di0
>1d03h: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 5551111
>r5.!!!!
>Success rate is 80 percent (4/5), round-trip min/avg/max = 36/36/36 ms
>r6#
>1d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
>state
>to
>up
>r6#
>r6#
>
>--------------------------------------------------------
>
>r5#
>r5#conf t
>Enter configuration commands, one per line. End with CNTL/Z.
>r5(config)#int bri0
>r5(config-if)#shut
>r5(config-if)#
>r5(config-if)#
>r5(config-if)#n
>1d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
>1d03h: %LINK-5-CHANGED: Interface BRI0, changed state to administratively
>down
>1d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
>1d03h: %LINK-3-UPDOWN: Interface BRI0:2, changed state to down
>1d03h: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from unknown ,
>call la
>sted 63 seconds
>1d03h: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 88 changed to
>down
>1d03h: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 88 changed to
>down
>1d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
>state
>to
>down
>1d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1,
>changed
>state to dow
>r5(config-if)#
>r5(config-if)#
>r5(config-if)#no shut
>r5(config-if)#
>1d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
>1d03h: %LINK-3-UPDOWN: Interface BRI0:2, changed state to down
>1d03h: %LINK-3-UPDOWN: Interface BRI0, changed state to up
>1d03h: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 89 changed to up
>r5(config-if)#
>r5(config-if)#
>r5(config-if)#
>r5(config-if)#
>r5(config-if)#
>r5(config-if)#^Z
>r5#pi
>1d03h: %SYS-5-CONFIG_I: Configured from console by consoleng 20.0.0.6
>
>Type escape sequence to abort.
>Sending 5, 100-byte ICMP Echos to 20.0.0.6, timeout is 2 seconds:
>
>1d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
>1d03h: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
>1d03h: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 5552222
>r6.!!!!
>Success rate is 80 percent (4/5), round-trip min/avg/max = 36/36/36 ms
>r5#
>1d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
>state
>to
>up
>1d03h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1,
>changed
>state to up
>r5#
>r5#
>
>-------------------------------------------------------------
>
>
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
>John Neiberger
>Sent: Wednesday, March 27, 2002 10:30 AM
>To: Giveortake@AOL.COM; ccielab@groupstudy.com
>Subject: Re: Old stuff PPP Authentication
>
>
>In my experience, I have always had to use
>some sort of authentication to get PPP over
>ISDN to work correctly. I've spoken with
>others who have more experience than I and
>they've reported the same types of issues.
>I've since made it my standard policy to
>*always* use authentication on ISDN and I
>haven't had those sorts of problems since.
>
>HTH,
>John
>
>
>---- On Wed, 27 Mar 2002, Giveortake@AOL.COM
>(Giveortake@AOL.COM) wrote:
>
> > Forgive me.... Archives down...
> >
> > In playing with the PPP authentication I
>have a couple questions
> > hopefully
> > someone can answer. Looking for clarity
>as always. In reviewing the
> > below,
> > please keep in mind that my configs other
>than the authentication work
> > fine.
> > If I put in PPP authentication chap on
>both sids I connect and can ping
> > side
> > to side..
> >
> > 1. If I configure no ppp authentication
>on either side, there is no
> > challenge/response by either party. Link
>goes up/up. Can not ping.
> > Do I
> > HAVE to have some sort of authentication
>in order to establish
> > communication?
> >
> > 2. Continuing question 1, is it
>mandatory to have username and
> > password for
> > PPP negotiation/authentication? In
>other words if I have no user
> > names/passwords and configure no ppp
>authentication on either side I
> > connect
> > and go up/up but can not ping. Debug
>ppp negotion looks fine and of
> > course
> > there is no challenge so I figured I
>should be able to communicate
> > accross
> > the link but I guess not. Apparently this
>is the way it is supposed to
> > work.
> > Can anyone confirm?
> >
> > 3. When I configure PPP authentication
>only on the CALLED side, it does
> >
> > indeed challenge and authenticates. I
>can ping no problem. If I do
> > it
> > the other way and put PPP authentication
>only on the CALLING side, I
> > connect
> > and there is a successfull
>challenge/response, but I can not ping.
> > Why
> > does it work when the called side
>initiates the challenge but not the
> > other
> > way around? Is this the way it is
>supposed to work?
> >
> > Thanks,
> >
> > David
> >

• Next message: Diment, Andrew: "RE: CAR vs traffic shapping"
• Previous message: John Mistichelli: "Re: CAR vs traffic shapping"
• Maybe in reply to: Giveortake@xxxxxxx: "Old stuff PPP Authentication"
• Next in thread: Gregg Malcolm: "Re: Old stuff PPP Authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:23 GMT-3