RE: PPP authentication chap callin

From: Bola Adegbonmire (BolaAD@xxxxxxxxxxxxxxxxx)
Date: Wed Aug 21 2002 - 04:07:54 GMT-3

• Next message: Widjaja Surja Kentjana: "RE: virtual-tokenring interface..."
• Previous message: Donny MATEO: "Re: Lab 2 Question about redistributing OSPF into BGP and allowin g on ly default route."
• Maybe in reply to: Armand D: "PPP authentication chap callin"
• Next in thread: Bola Adegbonmire: "FW: PPP authentication chap callin"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Armand,
The problem is this from your config postings:
The called router will always challenge the calling router with this config. Th
ere is a little assumption Cisco makes that is, the calling router knows who he
 is calling and if you do want authentication one way, you can disable for the
calling router not to challenge the called router.

In other words R5 should be the one carrying the ppp "authentication chap calli
n" command and not R3. because R5 is calling you can't achieve your objective o
f R5 challenging R3 and R3 not challenging R5.

What you should do is move this command to R5, then R5 will receive a challenge
 but will not challenge R3 in return.

-----Original Message-----
From: Armand D [mailto:ciscoworks2001@yahoo.com]
Sent: Thursday, August 08, 2002 8:04 AM
To: ccielab@groupstudy.com
Subject: PPP authentication chap callin

I'm trying to configue PPP CHAP accross my Bri link.
With my R5 router not challenging my R3 router for
authentication. However, I am unable to get it to
work.

With this command "ppp chap callin" I'm trying to NOT
challange the R3 router for authentication.

What am I doing wrong here ?

CALLING ROUTER
========================

hostname R5
!
username r3 password 0 cisco
!
interface BRI0/0
 ip address 135.4.35.5 255.255.255.0
 no ip directed-broadcast
 encapsulation ppp
 dialer map ip 135.4.35.6 name cisco 8358664
 dialer map ip 135.4.35.6 name cisco 8358662
 dialer load-threshold 64 either
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 0835866101 8358661
 isdn spid2 0835866301 8358663
 ppp callback request
 ppp authentication chap
 ppp multilink
 hold-queue 75 in
 directed-broadcast
!
router igrp 10
 network 135.4.0.0
!
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100

===================
Called router :

hostname R3
!
username r5 password 0 cisco
!
interface Loopback0
 ip address 135.4.3.3 255.255.255.0
 no ip directed-broadcast
!
interface BRI0/0
 ip address 135.4.35.6 255.255.255.0
 no ip directed-broadcast
 encapsulation ppp
 dialer map ip 135.4.35.5 name cisco 8358663
 dialer map ip 135.4.35.5 name cisco 8358661
 dialer load-threshold 64 outbound
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 0835866201 8358662
 isdn spid2 0835866401 8358664
 ppp callback accept
 ppp auth chap
 ppp multilink
!
router igrp 10
 redistribute connected
 redistribute ospf 1 metric 64 1 255 255 34
 network 135.4.0.0
!
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100

Thanks,

Armand

• Next message: Widjaja Surja Kentjana: "RE: virtual-tokenring interface..."
• Previous message: Donny MATEO: "Re: Lab 2 Question about redistributing OSPF into BGP and allowin g on ly default route."
• Maybe in reply to: Armand D: "PPP authentication chap callin"
• Next in thread: Bola Adegbonmire: "FW: PPP authentication chap callin"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:31 GMT-3