From: Jonathan V Hays (jhays@jtan.com)
Date: Sun Feb 09 2003 - 22:47:21 GMT-3
I have the answer to this question, from experimentation with a friend's
ISDN simulator. When you configure "ppp chap hostname FAKE_NAME" on a
given router, then either the remote router's hostname or "FAKE_NAME"
will work in that same router's dialer map "name" field. But it must be
one of these two because a random string won't work.
On the remote router you need "username FAKE_NAME password xxxx".
FYI.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jonathan V Hays
Sent: Thursday, January 30, 2003 10:21 AM
To: 'Wang Tao'; ccielab@groupstudy.com
Subject: RE: question on dialer map?
Tao,
That's actually a darn good question. The usage of "name" in dialer map
commands does seem a bit confusing. from the examples I've seen. Let's
start off with the documentation CD's definition of "name" under "dialer
map":
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/
dial_r/drdrd.htm#1018540
"(Optional) Indicates the remote system with which the local router or
access server communicates. Used for authenticating the remote system on
incoming calls."
But consider a specific example in Solie's book (pages 477-479) which
contradicts the above statement. In the example a central site router
requires the same CHAP authentication string ("FAKE_NAME") on all the
remote routers dialing in, supposedly to simplify configuration on the
central site router. Relevant configs from the book are excerpted below:
! Central Site
hostname ISDN-2
username FAKE_NAME password cisco
! under BRI0:
dialer map ip 175.10.23.1 name ISDN-1 broadcast 6129319937
ppp authentication chap
--- ! Remote Site hostname ISDN-1 username ISDN-2 password cisco ! under BRI0: dialer map ip 175.10.23.2 name ISDN-2 broadcast 6129319933 ppp authentication chap ppp hostname FAKE_NAMEQ1. I wonder why "name ISDN-2" is configured in the dialer map statement; why not "name FAKE_NAME"? This config indicates that the use of the "ppp hostname" command renders the dialer map "name" keyword useless for authentication but it raises the question what "name" is needed for.
Q2. Why isn't "ppp chap password" also used in Solie's config? Is it optional?
Let's look at a second example (slightly modified) from a well-respected commercial source. In the problem statement the alternate ppp chap hostname is required on both sides. Here's their solution:
hostname r5 username router6 password 0 cisco ! BRI0: dialer map ip 1.1.1.1 name router6 broadcast 1111 ppp authentication chap ppp chap hostname router5 ppp chap password 0 nortel --- hostname r6 username router5 password 0 cisco ! BRI0: dialer map ip 1.1.1.2 name router5 broadcast 1112 ppp authentication chap ppp chap hostname router6 ppp chap password 0 nortel
Note that this solution uses the ppp chap hostname in the dialer map statement, unlike Solie who uses the router hostname.
Q3. So is the dialer map "name" statement relevant at all, when an alternate name is specified?
Unfortunately I don't have ready access to ISDN to test this out. I welcome any clarifying comments.
-Jonathan
-----Original Message----- From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Wang Tao Sent: Thursday, January 30, 2003 3:07 AM To: ccielab@groupstudy.com Subject: question on dialer map?
Hi, all,
I have a question on the command of dialer map.
dialer map ip 1.1.1.1 name routerB 1111
what is the exactly meaning/usage of the parameter "name"? >From the manual and tips, this parameter should be the same with >username xxx password xxx when I use chap authentication. But my lab tells me that if I use another name, it still works fine. So what is the exact usage of this parameter in this command?
Many thanks!
Tao .
This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:17 GMT-3