From: Enrico Asproni (easproni@cisco.com)
Date: Thu Nov 06 2003 - 14:16:12 GMT-3
Alec,
The configuration will depend if R5 places a call to R2 or if it's
the contrary or if both routers are allowed to place the call to
each other.
1) Only R5 can challenge R2, and R2 places the call to R5.
==> Configure "ppp authentication chap callin" on on R2
==> R5 configured with "ppp authentication chap"
This will tell R2 not to authenticate (i.e not to send a
challenge to) R5 when placing a call.
2) Only R5 can challenge R2, and R5 places the call to R2.
==> Configure "ppp authentication chap callout" still on R2
==> R5 configured with "ppp authentication chap"
This will tell R2 not to authenticate (i.e not to send a
challenge to) R5 when receiving a call from R5.
3) Only R5 can challenge R2, and each side can initiate the call
==> do not configure any sort of "ppp authentication chap" on R2
==> R5 configured with "ppp authentication chap"
Note : In this last case, because R2 is not configured with "ppp
authentication chap", it will never send a challenge. BUT it
will still respond to R5's challenge (provided R2 is configured
with "username R5 password <same_pwd_as_on_R2>").
HTH
E.
This archive was generated by hypermail 2.1.4 : Fri Dec 12 2003 - 12:29:09 GMT-3