RE: [do-it]Scenario 4 - 4.10 ISDN

From: Jonathan V Hays (jhays@jtan.com)
Date: Sun Sep 21 2003 - 10:09:11 GMT-3

Adel,

Thanks for the information. This might come in handy in a situation
where one cannot get a simple PPP ISDN circuit working. Try adding CHAP
and see what happens.

Up until now, I generally have configured all ISDN circuits without
authentication and made sure I could ping across the ISDN link before
adding CHAP. Once I have that working I add CHAP.

I am still quite surprised that your circuit won't work correctly
without CHAP. I suspect there is something wrong since this is the first
I have ever heard of this need to run CHAP with PPP, in over 6 years of
using ISDN both in the real world and on simulators.

Anyway, thanks again for sharing!

Jonathan

-----Original Message-----
From: do-it-admin@lists.netmasterclass.net
[mailto:do-it-admin@lists.netmasterclass.net] On Behalf Of Adel Abushaev
Sent: Sunday, September 21, 2003 12:13 AM
To: do-it@lists.netmasterclass.net
Subject: Re: [do-it]Scenario 4 - 4.10 ISDN

Jonathan,

I have tested several different approaches of no, one-way and mutual
authentications over ISDN with "basic-ni" switch.
The switch that I am using has some "difficulties" and does not like
when
there is no auth or half-way auth across it.

To avoid this I had to use isdn calling-number on the side that was not
sending challenge and use map to calling number
on the other side. Otherwise I was getting "Connected to unknown" and
dialer
map statements would simply not work.

I can't test it on basic-5ess myself, but other people confirm there are
no
problems with basic-5ess. So you may still enjoy
ppp with no authentication on that type of switch.

I haven't used any isdn emulators and I assume they are working fine
around
this situation and I will remember this for future
references.

Thanks,

Adel.

----- Original Message -----
From: "Jonathan V Hays" <jhays@jtan.com>
To: "'Adel Abushaev'" <adel@netmasterclass.net>;
<do-it@lists.netmasterclass.net>
Sent: Saturday, September 20, 2003 11:50 PM
Subject: RE: [do-it]Scenario 4 - 4.10 ISDN

> Adel,
>
> I appreciate your advice to ask the proctor. Don't worry, I always
ask.
> I think I have set the record for the number of questions asked during
a
> CCIE Lab exam. <g>
>
> As a veteran of 3 attempts, I have found that proctors are not very
> helpful in answering questions of the type "Am I allowed to do this?"
no
> matter how you phrase it. When you ask a question like that the
proctor
> will just say "I can't answer that" or "Everything you need to
configure
> it is right there in the exam booklet" or "There is often more than
one
> way to configure something."
>
> In my experience, PPP on ISDN works just fine without authentication.
At
> least on the half dozen or so different ISDN simulators I've come
across
> on various rental racks and the one in my own lab. Here's my
> configuration from Scenario 4, with the backup interface configured
and
> the frame link shut down on FRS:
>
> R1#sh run int bri1/0
> Building configuration...
>
> Current configuration : 249 bytes
> !
> interface BRI1/0
> ip address 172.16.122.1 255.255.255.0
> encapsulation ppp
> dialer map ip 172.16.122.2 name R2 broadcast 8358662
> dialer-group 1
> isdn switch-type basic-ni
> isdn spid1 0835866101
> isdn spid2 0835866301
> no peer neighbor-route
> end
>
> R1#p 172.16.122.2
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 172.16.122.2, timeout is 2 seconds:
> !!!!!
> Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36
ms
> R1#sh is ac
>
------------------------------------------------------------------------
> --------
> ISDN ACTIVE CALLS
>
------------------------------------------------------------------------
> --------
> Call Calling Called Remote Seconds Seconds Seconds
> Charges
> Type Number Number Name Used Left Idle
> Units/Currency
>
------------------------------------------------------------------------
> --------
> Out ---N/A--- 8358662 R2 45 119 0
0
>
>
------------------------------------------------------------------------
> --------
>
> R1#
>
> Thanks for the response,
>
> Jonathan
>
> -----Original Message-----
> From: do-it-admin@lists.netmasterclass.net
> [mailto:do-it-admin@lists.netmasterclass.net] On Behalf Of Adel
Abushaev
> Sent: Saturday, September 20, 2003 10:56 PM
> To: do-it@lists.netmasterclass.net
> Subject: Re: [do-it]Scenario 4 - 4.10 ISDN
>
>
> I think you can't run PPP without any authentication on ISDN. In my
case
> I
> always use CHAP, since it requires you to put
> less commands and it's more secure.
>
> I would always ask proctor wether or not to use authentication. If
there
> is
> no authentication then it might be a point to use
> HDLC.
>
> Adel.
>
> ----- Original Message -----
> From: "Jonathan V Hays" <jhays@jtan.com>
> To: <do-it@lists.netmasterclass.net>
> Sent: Saturday, September 20, 2003 6:14 PM
> Subject: [do-it]Scenario 4 - 4.10 ISDN
>
>
> > Although the ISDN requirements in the Workbook do not even hint at
> this,
> > the Final Configuration Script shows that CHAP has been configured.
> > Should this be our standard practice during the CCIE Lab Exam, to
> > configure CHAP? Will we lose points if we don't, even though it is
not
> > specified?
> >
> > Thanks,
> >
> > Jonathan
> >
> >
> > _______________________________________________
> > do-it mailing list
> > do-it@lists.netmasterclass.net
> > http://lists.netmasterclass.net/mailman/listinfo/do-it
> >
>
> _______________________________________________
> do-it mailing list
> do-it@lists.netmasterclass.net
> http://lists.netmasterclass.net/mailman/listinfo/do-it
>
>
>
>

This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:33 GMT-3