Re: Simple ISDN question -

From: Ajit (ajitmohanraj@vsnl.com)
Date: Mon Mar 03 2003 - 16:26:15 GMT-3

• Next message: Pedro Eira: "RIP lab quetion"
• Previous message: Liban.Mohamed@mail.sprint.com: "RE: BGP case."
• Maybe in reply to: Jung, Jin: "Simple ISDN question -"
• Next in thread: cebuano: "RE: Simple ISDN question -"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

****************************** CONFIG R3
hostname r3
!
logging rate-limit console 10 except errors
!
username r4 password 0 cisco
ip subnet-zero
no ip finger
no ip domain-lookup
!
isdn switch-type basic-net3
cns event-service server
!!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 shutdown
!
interface BRI0
 ip address 10.0.0.1 255.255.255.0
 encapsulation ppp
 dialer idle-timeout 10
 dialer map ip 10.0.0.2 name r4 broadcast 2222
 dialer-group 1
 isdn switch-type basic-net3
 ppp authentication chap

************************CONFIG OF R4

hostname r4
!
logging rate-limit console 10 except errors
!
username r3 password 0 cisco
ip subnet-zero
no ip finger
no ip domain-lookup
!
isdn switch-type basic-net3
cns event-service server
!!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 shutdown
!
interface BRI0
 ip address 10.0.0.2 255.255.255.0
 encapsulation ppp
 dialer map ip 10.0.0.1 name r3 broadcast 1111
 isdn switch-type basic-net3 ****** No
Authenctication configured
!
************************ R3 pinging R4 **************
r3#debug pp nego
PPP protocol negotiation debugging is on
r3#ping 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

00:16:10: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
00:16:10: BR0:1 PPP: Treating connection as a callout
00:16:10: BR0:1 PPP: Phase is ESTABLISHING, Active Open [0 sess, 0 load]
00:16:10: BR0:1 LCP: O CONFREQ [Closed] id 27 len 15
00:16:10: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
00:16:10: BR0:1 LCP: MagicNumber 0xD0677BEC (0x0506D0677BEC)
00:16:10: BR0:1 LCP: I CONFREQ [REQsent] id 52 len 10
00:16:10: BR0:1 LCP: MagicNumber 0xD06778EC (0x0506D06778EC)
00:16:10: BR0:1 LCP: O CONFACK [REQsent] id 52 len 10
00:16:10: BR0:1 LCP: MagicNumber 0xD06778EC (0x0506D06778EC)
00:16:10: BR0:1 LCP: I CONFACK [ACKsent] id 27 len 15
00:16:10: BR0:1 LCP: AuthProto CHAP (0x0305C22305)
00:16:10: BR0:1 LCP: MagicNumber 0xD0677BEC (0x0506D0677BEC)
00:16:10: BR0:1 LCP: State is Open
00:16:10: BR0:1 PPP: Phase is AUTHENTICATING, by this end [0 sess, 0 load]
00:16:10: BR0:1 CHAP: O CHALLENGE id 27 len 23 from "r3"
00:16:10: BR0:1 CHAP: I RESPONSE id 27 len 23 from "r4"
00:16:10: BR0:1 CHAP: O SUCCESS id 27 len 4
00:16:10:.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 36/36/36 ms
r3# BR0:1 PPP: Phase is UP [0 sess, 0 load]
00:16:10: BR0:1 IPCP: O CONFREQ [Closed] id 2 len 10
00:16:10: BR0:1 IPCP: Address 10.0.0.1 (0x03060A000001)
00:16:10: BR0:1 CDPCP: O CONFREQ [Closed] id 2 len 4
00:16:10: BR0:1 IPCP: I CONFREQ [REQsent] id 2 len 10
00:16:10: BR0:1 IPCP: Address 10.0.0.2 (0x03060A000002)
00:16:10: BR0:1 IPCP: O CONFACK [REQsent] id 2 len 10
00:16:10: BR0:1 IPCP: Address 10.0.0.2 (0x03060A000002)
00:16:10: BR0:1 CDPCP: I CONFREQ [REQsent] id 2 len 4
00:16:10: BR0:1 CDPCP: O CONFACK [REQsent] id 2 len 4
00:16:10: BR0:1 IPCP: I CONFACK [ACKsent] id 2 len 10
00:16:10: BR0:1 IPCP: Address 10.0.0.1 (0x03060A000001)
00:16:10: BR0:1 IPCP: State is Open
00:16:10: BR0:1 CDPCP: I CONFACK [ACKsent] id 2 len 4
00:16:10: BR0:1 CDPCP: State is Open
00:16:10: BR0 IPCP: Install route to 10.0.0.2
00:16:11: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
state
to up
00:16:16: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 2222 r4
00:16:21: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 2222 r4,
call
lasted 11 seconds
00:16:21: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
00:16:21: BR0:1 IPCP: State is Closed
00:16:21: BR0:1 CDPCP: State is Closed
00:16:21: BR0:1 PPP: Phase is TERMINATING [0 sess, 0 load]
00:16:21: BR0:1 LCP: State is Closed
00:16:21: BR0:1 PPP: Phase is DOWN [0 sess, 0 load]
00:16:21: BR0 IPCP: Remove route to 10.0.0.2
00:16:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
state
to down
r3#

----- Original Message -----
From: "P729" <p729@cox.net>
To: "Jung, Jin" <jin.jung@lmco.com>; "Ccielab@Groupstudy.Com"
<ccielab@groupstudy.com>
Sent: Monday, March 03, 2003 10:39 PM
Subject: Re: Simple ISDN question -

> It depends on the requirements.
>
> I reiterate: The 'ppp authentication' commands instruct the router as to
> where and when to challenge the REMOTE end.
>
> Placing 'ppp authentication chap callin' on r2 will still force r1 to
> authenticate if r1 calls r2. If r2 calls r1 then r1 will not have to
> authenticate.
>
> Not configuring ppp authentication at all on r2 will never force r1 to
> authenticate no matter who calls whom.
>
> Regards,
>
> Mas Kato
> https://ecardfile.com/id/mkato
>
> ----- Original Message -----
> From: "Jung, Jin" <jin.jung@lmco.com>
> To: "'P729'" <p729@cox.net>; "Ccielab@Groupstudy.Com"
> <ccielab@groupstudy.com>
> Sent: Monday, March 03, 2003 8:09 AM
> Subject: RE: Simple ISDN question -
>
>
> OS you are saying R2 should be configured with ppp authentication chap
> callin,
> Or are you saying do not configure ppp authtiencation on r2 at all.???
>
>
>
>
> -----Original Message-----
> From: P729 [mailto:p729@cox.net]
> Sent: Monday, March 03, 2003 10:58 AM
> To: Jung, Jin; Ccielab@Groupstudy.Com
> Subject: Re: Simple ISDN question -
>
>
> The 'ppp authentication' commands instruct the router as to where and when
> to challenge the REMOTE end. If a router is challenged, it has no choice
but
> to attempt to authenticate. So in your scenario, it's not up to r1 (not
> configurable on r1). It's up to r2. r2 must be instructed not to challenge
> (authenticate) r1.
>
> With this in mind, 'ppp authentication chap callin' configured in r1
> instucts r1 to challenge the calling party when r1 is the called party (r2
> calls r1). Whether or not r1 itself is challenged during this call depends
> on how r2 is configured. In the same scenario, if r1 were to call r2, r1
> would not challenge r2 ("r2 would not have to authenticate") because its a
> "callout" from r1's perspective. Whether r1 is challenged during this
> callout still depends on how r2 is configured.
>
> Regards,
>
> Mas Kato
> https://ecardfile.com/id/mkato
>
> ----- Original Message -----
> From: "Jung, Jin" <jin.jung@lmco.com>
> To: "Ccielab@Groupstudy.Com" <ccielab@groupstudy.com>
> Sent: Monday, March 03, 2003 4:56 AM
> Subject: Simple ISDN question -
>
>
> I have seen this question asked before, but I am still not sure, If
scenario
> asks, " r1 should not authenticate", only r2 should authenticate.
>
> I am thinking I have to setup ppp authenticate chap callin on r1,
>
> Is this correct?
>
>
>
> Jin Jung
> Enterprise Information Services
> Network Infrastructure engineer
> Office: 301-640-3247
> Have a great day
> l

• Next message: Pedro Eira: "RIP lab quetion"
• Previous message: Liban.Mohamed@mail.sprint.com: "RE: BGP case."
• Maybe in reply to: Jung, Jin: "Simple ISDN question -"
• Next in thread: cebuano: "RE: Simple ISDN question -"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:31 GMT-3