RE: ISDN callback not authenticating

From: Tony Schaffran (tschaffran@cconlinelabs.com)
Date: Tue Mar 04 2003 - 00:44:57 GMT-3

• Next message: Tam selvam: "Lab swap date at Banglore"
• Previous message: Brian Dennis: "RE: ISDN callback not authenticating"
• Maybe in reply to: Jason Cash: "ISDN callback not authenticating"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

It looks like you are missing the dialer remote-name on your R5 if I am
reading your configs correctly.

 
Tony Schaffran
Network Analyst
CCIE #11071
CCNP, CCNA, CCDA,
NNCDS, NNCSS, CNE, MCSE
 
www.cconlinelabs.com
Your #1 choice for online Cisco rack rentals.
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Jason Cash
Sent: Monday, March 03, 2003 6:12 PM
To: ccielab@groupstudy.com
Subject: ISDN callback not authenticating

I am having a problem on authenticating ISDN callback:
 
r5 is requesting callback from r6. For some reason the PPP auth is
failing. r5 is using 'ppp chap hostname ccie' which is defined on r6's
local auth. Is there a way to see the passwords neing sent other that
using PAP? I am confused as hell. The answer is listing both interface
use legacy DDR, but I want to user Dialer interface on r5. Also, the
answer states that r5 should have 'username ccie password 0 cisco'
defined. Why is that the case if I am calling r6 to authenticate?
 
r5#ping 10.1.35.6
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.35.6, timeout is 2 seconds:
 
6d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
6d03h: %DIALER-6-BIND: Interface BR0:1 bound to profile Di1
6d03h: BR0:1 PPP: Treating connection as a callout
6d03h: BR0:1 CHAP: Using alternate hostname ccie
6d03h: BR0:1 CHAP: Using alternate hostname ccie
6d03h: BR0:1 CHAP: O CHALLENGE id 124 len 25 from "ccie"
6d03h: BR0:1 CHAP: I CHALLENGE id 152 len 23 from "r6"
6d03h: BR0:1 CHAP: Using alternate hostname ccie
6d03h: BR0:1 CHAP: O RESPONSE id 152 len 25 from "ccie"
6d03h: BR0:1 CHAP: I FAILURE id 152 len 25 msg is "MD/DES compare
failed"
6d03h: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 4082222222
r6
6d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down.
6d03h: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di1
 
R5
hostname r5
!
username r6 password 0 cisco
username ccie password 0 cisco
!
ip subnet-zero
no ip domain-lookup
!
clns routing
isdn switch-type basic-ni
!
interface BRI0
 no ip address
 encapsulation ppp
 dialer pool-member 1
 isdn switch-type basic-ni
 isdn spid1 408111111101
 isdn spid2 408111111102
!
interface Dialer1
 ip address 10.1.35.5 255.255.255.252
 encapsulation ppp
 dialer pool 1
 dialer string 4082222222
 dialer load-threshold 1 either
 dialer-group 1
 pulse-time 0
 ppp callback request
 ppp authentication chap
 ppp chap hostname ccie
 ppp multilink
!
router ospf 1
 log-adjacency-changes
 network 10.1.35.4 0.0.0.3 area 5
!
access-list 101 deny ospf any any
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101
 
R6
hostname r6
!
username ccie password 0 cisco
!
ip subnet-zero
no ip domain-lookup
!
ip multicast-routing
isdn switch-type basic-ni
!
interface BRI0
 ip address 10.1.35.6 255.255.255.252
 encapsulation ppp
 dialer callback-secure
 dialer map ip 10.1.35.5 name ccie class callback broadcast 4081111111
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 408222222201
 isdn spid2 408222222202
 ppp callback accept
 ppp authentication chap
 ppp multilink
!
router ospf 1
 log-adjacency-changes
 redistribute igrp 1 metric 10 subnets
 network 10.1.5.0 0.0.0.7 area 10
 network 10.1.35.4 0.0.0.3 area 5
!
map-class dialer callback
 dialer callback-server username
access-list 101 deny ospf any any
access-list 101 permit ip any any
dialer-list 1 protocol ip list 101
 
r6# sh log
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
    Console logging: level debugging, 1888 messages logged
    Monitor logging: level debugging, 588 messages logged
    Buffer logging: level debugging, 1888 messages logged
    Trap logging: level informational, 888 message lines logged
          
Log Buffer (4096 bytes):
 
6d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
6d03h: BR0:1 PPP: Treating connection as a callin
6d03h: BR0:1 CHAP: O CHALLENGE id 152 len 23 from "r6"
6d03h: BR0:1 CHAP: I CHALLENGE id 124 len 25 from "ccie"
6d03h: BR0:1 CHAP: Waiting for peer to authenticate first
6d03h: BR0:1 CHAP: I RESPONSE id 152 len 25 from "ccie"
6d03h: BR0:1 CHAP: O FAILURE id 152 len 25 msg is "MD/DES compare
failed"
6d03h: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 4081111111
ccie
6d03h: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down

• Next message: Tam selvam: "Lab swap date at Banglore"
• Previous message: Brian Dennis: "RE: ISDN callback not authenticating"
• Maybe in reply to: Jason Cash: "ISDN callback not authenticating"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Apr 05 2003 - 08:51:31 GMT-3