From: Bola Adegbonmire (BolaAD@xxxxxxxxxxxxxxxxx)
Date: Thu Aug 22 2002 - 03:26:34 GMT-3
forgot to include this earlier. If you intend to still have your authentication
been done the way it is then change the command "ppp authen chap callin" on R3
to "ppp authen chap callout" this way R3 will not challenge R5 beacause the ca
ll is incoming to R3, but will still receive a challenge from R5 as long as all
you have is ppp authe chap" on R5.
Try both and see how it works.
-----Original Message-----
From: Bola Adegbonmire
Sent: Wednesday, August 21, 2002 8:08 AM
To: 'Armand D'
Cc: 'ccielab@groupstudy.com'
Subject: RE: PPP authentication chap callin
Armand,
The problem is this from your config postings:
The called router will always challenge the calling router with this config. Th
ere is a little assumption Cisco makes that is, the calling router knows who he
is calling and if you do want authentication one way, you can disable for the
calling router not to challenge the called router.
In other words R5 should be the one carrying the ppp "authentication chap calli
n" command and not R3. because R5 is calling you can't achieve your objective o
f R5 challenging R3 and R3 not challenging R5.
What you should do is move this command to R5, then R5 will receive a challenge
but will not challenge R3 in return.
-----Original Message-----
From: Armand D [mailto:ciscoworks2001@yahoo.com]
Sent: Thursday, August 08, 2002 8:04 AM
To: ccielab@groupstudy.com
Subject: PPP authentication chap callin
I'm trying to configue PPP CHAP accross my Bri link.
With my R5 router not challenging my R3 router for
authentication. However, I am unable to get it to
work.
With this command "ppp chap callin" I'm trying to NOT
challange the R3 router for authentication.
What am I doing wrong here ?
CALLING ROUTER
========================
hostname R5
!
username r3 password 0 cisco
!
interface BRI0/0
ip address 135.4.35.5 255.255.255.0
no ip directed-broadcast
encapsulation ppp
dialer map ip 135.4.35.6 name cisco 8358664
dialer map ip 135.4.35.6 name cisco 8358662
dialer load-threshold 64 either
dialer-group 1
isdn switch-type basic-ni
isdn spid1 0835866101 8358661
isdn spid2 0835866301 8358663
ppp callback request
ppp authentication chap
ppp multilink
hold-queue 75 in
directed-broadcast
!
router igrp 10
network 135.4.0.0
!
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100
===================
Called router :
hostname R3
!
username r5 password 0 cisco
!
interface Loopback0
ip address 135.4.3.3 255.255.255.0
no ip directed-broadcast
!
interface BRI0/0
ip address 135.4.35.6 255.255.255.0
no ip directed-broadcast
encapsulation ppp
dialer map ip 135.4.35.5 name cisco 8358663
dialer map ip 135.4.35.5 name cisco 8358661
dialer load-threshold 64 outbound
dialer-group 1
isdn switch-type basic-ni
isdn spid1 0835866201 8358662
isdn spid2 0835866401 8358664
ppp callback accept
ppp auth chap
ppp multilink
!
router igrp 10
redistribute connected
redistribute ospf 1 metric 64 1 255 255 34
network 135.4.0.0
!
access-list 100 permit ip any any
dialer-list 1 protocol ip list 100
Thanks,
Armand
This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:48:33 GMT-3