From: Gregg Malcolm (greggm@xxxxxxxxxxxxx)
Date: Wed Mar 27 2002 - 15:06:28 GMT-3
PPP auth is required for analog and dialer profiles. From CCO :
<snip>
Authentication
After the successful completion of LCP negotiation and reaching an agreement
on AuthProto, the next step is authentication. Authentication, while not
mandatory per RFC1661, is highly recommended on all dial connections. In
some instances, it is a requirement for proper operation; Dialer Profiles
being a case in point.
The two principal types of authentication in PPP are the Password
Authentication Protocol (PAP) and the Challenge Handshake Authentication
Protocol (CHAP), defined by RFC1334 and updated by RFC1994.
So, it is possible to do PPP over ISDN w/o auth as long as it is legacy. In
practice, as others have suggested, you should always do PPP auth on ISDN
tho. I suppose there could be a scenario that asked to use PPP over ISDN
w/o auth. In that case, make sure you don't use dialer profiles.
Gregg
----- Original Message -----
From: <Giveortake@AOL.COM>
To: <ccielab@groupstudy.com>
Sent: Tuesday, March 26, 2002 10:26 PM
Subject: Old stuff PPP Authentication
> Forgive me.... Archives down...
>
> In playing with the PPP authentication I have a couple questions hopefully
> someone can answer. Looking for clarity as always. In reviewing the
below,
> please keep in mind that my configs other than the authentication work
fine.
> If I put in PPP authentication chap on both sids I connect and can ping
side
> to side..
>
> 1. If I configure no ppp authentication on either side, there is no
> challenge/response by either party. Link goes up/up. Can not ping. Do
I
> HAVE to have some sort of authentication in order to establish
communication?
>
> 2. Continuing question 1, is it mandatory to have username and password
for
> PPP negotiation/authentication? In other words if I have no user
> names/passwords and configure no ppp authentication on either side I
connect
> and go up/up but can not ping. Debug ppp negotion looks fine and of
course
> there is no challenge so I figured I should be able to communicate accross
> the link but I guess not. Apparently this is the way it is supposed to
work.
> Can anyone confirm?
>
> 3. When I configure PPP authentication only on the CALLED side, it does
> indeed challenge and authenticates. I can ping no problem. If I do it
> the other way and put PPP authentication only on the CALLING side, I
connect
> and there is a successfull challenge/response, but I can not ping. Why
> does it work when the called side initiates the challenge but not the
other
> way around? Is this the way it is supposed to work?
>
> Thanks,
>
> David
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:57:23 GMT-3