From: Christopher E. Miller (chrimill@xxxxxxxxx)
Date: Mon May 20 2002 - 03:32:05 GMT-3
Lets look at this again. I could be wrong.
Taken from the link:
If you want to operate with non-Cisco routers that do not support
authentication by the calling router or device, you must use the ppp
authentication chap callin command. When using the ppp authentication
command with the callin keyword, the Access Server will only authenticate
the remote device if the remote device initiated the call (for example, if
the remote device "called in"). In this case, authentication is specified on
incoming (received) calls only.
Non-Cisco router---------> Access Server
Calling router ----------> Called router.
The first line.....If you want to operate with non-Cisco routers that do not
support authentication by the calling router or device..
The Non-Cisco router does not support authentication by the calling router.
The 2way authen thing is happening here.
the Access Server will only authenticate the remote device if the remote
device initiated the call... Remote device(calling)
incoming (received) calls only.... received calls only (Access
server/Called) gets the callin command..
Do I have this wrong???
CHRIS
-----Original Message-----
From: David Luu [mailto:wicked01@ix.netcom.com]
Sent: Monday, May 20, 2002 1:16 AM
To: Christopher E. Miller; Michael Jia; ccielab@groupstudy.com
Subject: RE: ppp authentication chap callin
actually, its configured on the CALLING router...
http://www.cisco.com/warp/public/131/ppp_callin_hostname.html
i believe all isdn routers support 2-way chap, since companies like to
adhere to RFC
At 12:37 AM 5/20/2002 -0500, Christopher E. Miller wrote:
>This statement is backwards. The command goes on the called router. One
>reason for this command is if there is a non-Cisco router that doesn't
>support 2-way authen calling a Cisco router/Access Server.. If this is the
>case there is no way you can put ppp authentication chap callin command on
a
>non-Cisco router. Its the called router....
>
>HTH
>CHRIS
>
>-----Original Message-----
>From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
>Michael Jia
>Sent: Monday, May 20, 2002 12:10 AM
>To: ccielab@groupstudy.com
>Subject: RE: ppp authentication chap callin
>
>
>My understanding is "callin" is used on the *calling* router.
>Then called router will authentication the calling router.
>Calling router will treat the call as a "call out" and will not
>authticate the called router.
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> > MICHAEL J. KILPATRICK
> > Sent: Sunday, May 19, 2002 6:26 PM
> > To: ccarley@columbus.rr.com; ccielab@groupstudy.com
> > Subject: Re: ppp authentication chap callin
> >
> >
> > Use the CALLIN option on the called router to allow one-way
> > authentication. If the called router does not have the CALLIN
> > option, the called router will attempt to authenticate back to
> > the calling router (ie. 2-way authentication). Play with it with
> > deb ppp neg and deb ppp auth.
> >
> > Mike
> >
> >
> > >>> "Charles Carley" <ccarley@columbus.rr.com> 05/19/02 11:28 AM >>>
> > I am having trouble understanding the ppp chap authentication
> > callin command
> > from what I am finding in the archives. I understand what the
> > command does,
> > I am just not clear on how to implement it. Does someone have
> > the relevant
> > configurations from a working scenario they could share? Thank you.
> >
> > Charles
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:02 GMT-3