From: Kumar, Senthil (senthil.kumar@intechnology.co.uk)
Date: Tue Nov 26 2002 - 17:24:43 GMT-3
if r1 should not challenge. r1 should call r2. when r2 receives an incoming
call and if chap is set as the authentication mode, it then challenges the
caller, when r2 challenges r1, r1 responds and r2 validates. so if at all
you want to prefer adding a callin keyword do it at r2. as r2 should only
accpet incoming calls and do authentication.
isnt this how it works..
-----Original Message-----
From: Ajit
To: charles.egbue@citicorp.com; ccielab@groupstudy.com;
mtognon@tecnonetspa.it; Sam.MicroGate@usa.telekom.de
Sent: 25/11/2002 21:24
Subject: Re: To all DDR guru....
My inputs ...
a.>>R1 should not challenge R2 :
Put "ppp chap callin" under R1. What the callin on R1 really says is
"Hey
R2, you can cahhelge me but I cant challenge you" Used when you are
connecting a Cisco router like your R! to a non-cisco router that cannot
do
authnetication. Anyway that address requirement 1.
b>> Greater than 25% of the bandwidth.
ppp multilink
dialer load-threshold 64 ( since 255 represent a 100% load factor : 64
~
25%)
To touchup your config and adding what the rest have said.......
a. username r1 password cisco on R2
b. ppp multilink /dialer load threshold/ pppauthentication chap callin
to be
added on R1 and ofcourse R2 (withouth the callin parameter)
----- Original Message -----
From: <charles.egbue@citicorp.com>
To: <ccielab@groupstudy.com>; <mtognon@tecnonetspa.it>;
<Sam.MicroGate@usa.telekom.de>
Sent: Tuesday, November 26, 2002 1:50 AM
Subject: RE: To all DDR guru....
> 1. Spids are not required for the type of isdn switch that is being
used
here (basic-net3)
> 2. You need the username statement on R2 (username r1 password cisco)
>
> Charles
>
>
> -----Original Message-----
> From: Sam.MicroGate [mailto:Sam.MicroGate@usa.telekom.de]
> Sent: Monday, November 25, 2002 11:48 AM
> To: mtognon; ccielab
> Subject: RE: To all DDR guru....
>
> Hello Massimiliano.
>
> A few things:
> 1- You need isdn spid1 and isdn spid2 interface command in R1 and R2.
They
> are missing.
> 2- You need ppp multilink interface command for the second channel to
come
> up.
> 3- Because the word callin and callout are a little bit confusing to
> interpret, Always use debug ppp authentication to monitor which router
> challenges the other and which router does not. The router that
challenges
> will have (O) challenge before the debug statement.
>
> Otherwise, everything is ok. Good luck.
>
>
> Sam
>
>
>
> -----Original Message-----
> From: Massimiliano Tognon [mailto:mtognon@tecnonetspa.it]
> Sent: Monday, November 25, 2002 10:05 AM
> To: ccielab@groupstudy.com
> Subject: To all DDR guru....
>
>
> Hi folks, question for you...
>
> this is the topology:
>
>
> R1------ ISDN------R2
>
>
> question is:
>
> Configure chap authentication between R1 and R2; R1 should not
challenge
R2.
> When the traffic is greater than 25% of the bandwidth, a second
channel
must
> be brought up.
>
> this is my configuration:
>
> R1:
>
> username r2 password cisco
>
> int bri 0
> ip address 192.168.1.1 255.255.255.0
> encapsulation ppp
> dialer map ip 192.168.1.2 name r2 broadcast 0200
> dialer idle-imeout 45
> ppp authentication chap
> dialer group 1
> isdn switch-type basic-net3
>
> dialer-list 1 protocol ip permit
>
> R2:
>
>
> int bri 0
> ip address 192.168.1.2 255.255.255.0
> encapsulation ppp
> dialer map ip 192.168.1.1 name r1broadcast 0300
> dialer idle-imeout 45
> ppp authentication chap
> dialer group 1
> isdn switch-type basic-net3
> dialer load-threshold 64 either
> ppp authentication chap callin
>
> dialer-list 1 protocol ip permit
>
>
>
> what do you think about?
> on R1 challenge is ignored but it is generated...
> do i need ppp multilink in order to work dialer load-threshlod ? i'm
little
> bit confused... any help appreciated...
>
> thanks
This archive was generated by hypermail 2.1.4 : Tue Dec 03 2002 - 07:23:11 GMT-3