RE: PPP Chap hostname with Dialer profile

From: Ivan (limmti@yahoo.com.sg)
Date: Tue Apr 29 2003 - 21:53:55 GMT-3

• Next message: Jason Sinclair: "OT: RE: ATM?"
• Previous message: Wes Stevens: "RE: ATM?"
• Maybe in reply to: Ivan: "PPP Chap hostname with Dialer profile"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Jonathan,

Thank you for your advice.
Manage to find the fault. The dialer remote-name on R1
should be changed to the R2 alternate hostname and not
R2.

Thank you

Below is my correct working config:

> >
> > R1 (called Router)
> > ---------------------
> >
> > username test password cisco
> >
> > interface Async1
> > no ip address
> > encapsulation ppp
> > dialer in-band
> > dialer pool-member 1
> > async default routing
> > async dynamic routing
> > async mode dedicated
> > ppp authentication chap
> > !
> > interface Dialer1
> > ip address 170.1.201.2 255.255.255.252
> > encapsulation ppp
> > dialer pool 1
> > dialer remote-name test <<<<<<<<change
> > dialer-group 1
> > no peer neighbor-route
> > ppp authentication chap
> > !
> >
> > R2 (Calling Router)
> > -------------------
> >
> > username R1 password cisco
> >
> > interface Async1
> > no ip address
> > encapsulation ppp
> > dialer in-band
> > dialer pool-member 1
> > async default routing
> > async dynamic routing
> > async mode dedicated
> > ppp authentication chap
> > !
> > interface Dialer1
> > ip address 170.1.201.2 255.255.255.252
> > encapsulation ppp
> > dialer pool 1
> > dialer remote-name R1
> > dialer-group 1
> > dialer string 1234
> > dialer idle-timeout 60
> > no peer neighbor-route
> > ppp authentication chap
> > ppp chap hostname test
>
> Hi Ivan,
>
> "debug ppp auth" is a handy tool for figuring out
> ppp authentication
> issues.
>
> You need a "username test password cisco" entry on
> R1 for this to work.
>
> I'll give you a brief sketch of how CHAP works, as I
> understand it:
>
> 1. R2 would normally send "R2" but since you
> configured "ppp chap
> hostname test" it sends "test" as the challenge
> string to R1.
>
> 2. R1 looks up the password for "test" and hashes it
> (encrypts it) along
> with some other stuff and sends it back to R2.
>
> 3. R2 does its own hash on "test" and compares it to
> the result from R1.
>
> 4. If the hashes are identical R2 sends a message to
> R1 saying
> authentication passed.
>
> R1 does the same to R2, using the string "R1". BTW,
> make sure that "R1"
> is the hostname for R1.
>
> HTH
>
>

• Next message: Jason Sinclair: "OT: RE: ATM?"
• Previous message: Wes Stevens: "RE: ATM?"
• Maybe in reply to: Ivan: "PPP Chap hostname with Dialer profile"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2003 - 13:36:09 GMT-3