From: Jung, Jin (jin.jung@lmco.com)
Date: Tue May 13 2003 - 11:33:58 GMT-3
Okay,
First, r5 should be the calling router not r6, I guess I was confused last
time.
I think you are having same problem that I had with this.
Take a look at normal chap process. - 2 way authentication
Calling router r5
Called router r6
R5 will send challenge to r6 and request a "hash value"
R6 will send a hash value to r5 ,
R5 will authenticate r6 if the hash value is correct.
-- as you can see the authenticating router and challenging router are same
router.
--It took me 2 month to get this one simple concept....
Using call-in -- use this only if r5 is the only router calling,
You will have one-way authentication will occur - only if r5 is the calling
router, if r6 is the calling router, r5 still has to authenticate.
You can disable ppp authentication chap on r5, and r5 will not authenticate
weather or not its calling router. But r6 will still use chap,
You really need to test this with debug,
Create different scenarios.
Normal 2 way
Call-in
Disable chap
... And see the debug...
-----Original Message-----
From: Hung, Sing-Yu [mailto:Sing-Yu.Hung@pccw.com]
Sent: Tuesday, May 13, 2003 9:10 AM
To: ccielab@groupstudy.com
Subject: callin
Hi,
Can anyone tell me what is the definiation of authentication? If R5
output CHALLENGE to R6. can I said that R6 authenticate to R5?
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:41 GMT-3