Re: callback or callin - please help

From: Arifur Rahman (arahman@cisco.com)
Date: Sat May 15 2004 - 12:05:09 GMT-3

• Next message: Vazman@aol.com: "Re: Dialer Watch Puzzle"
• Previous message: Howard C. Berkowitz: "Re: Difference between Layer 2 and Layer 3 switches"
• Maybe in reply to: Arifur Rahman: "callback or callin - please help"
• Next in thread: MMoniz: "RE: callback or callin - please help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi
I understood different. If you leave R1 without callin/callout/callback etc
then it will challenge both ways. But requirement "r1 will authenticate r2
only when r2 call r1". So does not matter what R2 challenge or not. Thank
you for your reply.

- Arif

At 04:13 PM 5/14/2004 -0700, Ahmed Mustafa wrote:
>To me,
>
>The command "PPP Authentication chap callin will go on R2 since it is a
>called router. R2 will initiate a call, R1 will challange it.
>
>Check this link out.
>
>http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_examp
>le09186a0080094333.shtml#configuringunidirectionalchapauthentication
>
>
>----- Original Message -----
>From: "Carlos G Mendioroz" <tron@huapi.ba.ar>
>To: "Arifur Rahman" <arahman@cisco.com>
>Cc: <ccielab@groupstudy.com>
>Sent: Friday, May 14, 2004 3:03 AM
>Subject: Re: callback or callin - please help
>
>
> > I would say the first config meets your req.
> > R1 authenticates R2 on callin, but not on callout (note you have a
> > CHALLENGE I but not CHALLENGE O in the second (callback) call.
> >
> > Arifur Rahman wrote:
> > > Hi Group
> > > if it was asked "r1 will authenticate r2 only when r2 call r1", should I
> > > use callin or callout for r1. Please help. Config and debug below
> > >
> > > r2#sr int s3/0:23
> > > interface Serial3/0:23
> > > ip address 172.16.12.2 255.255.255.0
> > > encapsulation ppp
> > > dialer map ip 172.16.12.1 name r1 broadcast 5678
> > > dialer-group 1
> > > isdn switch-type primary-ni
> > > ppp callback request
> > > ppp authentication chap
> > > ppp multilink
> > > end
> > > r2#
> > >
> > >
> > > r1#sr int s3/0:23
> > > interface Serial3/0:23
> > > ip address 172.16.12.1 255.255.255.0
> > > encapsulation ppp
> > > dialer callback-secure
> > > dialer idle-timeout 20 either
> > > dialer enable-timeout 5
> > > dialer map ip 172.16.12.2 name r2 class CALLB broadcast 1234
> > > dialer-group 1
> > > isdn switch-type primary-ni
> > > isdn protocol-emulate network
> > > isdn T310 30000
> > > ppp callback accept
> > > ppp authentication chap callin
> > > ppp multilink
> > > end
> > >
> > > "debug ppp authen" output of router r1
> > >
> > > r1#
> > > 01:08:16: %LINK-3-UPDOWN: Interface Serial3/0:22, changed state to up
> > > r1#
> > > 01:08:16: Se3/0:22 PPP: Using dialer call direction
> > > 01:08:16: Se3/0:22 PPP: Treating connection as a callin
> > > 01:08:16: Se3/0:22 CHAP: O CHALLENGE id 8 len 23 from "r1"
> > > 01:08:16: Se3/0:22 CHAP: I CHALLENGE id 13 len 23 from "r2"
> > > 01:08:16: Se3/0:22 CHAP: Waiting for peer to authenticate first
> > > 01:08:16: Se3/0:22 CHAP: I RESPONSE id 8 len 23 from "r2"
> > > 01:08:16: Se3/0:22 CHAP: O SUCCESS id 8 len 4
> > > 01:08:16: Se3/0:22 CHAP: Processing saved Challenge, id 13
> > > 01:08:16: Se3/0:22 CHAP: O RESPONSE id 13 len 23 from "r1"
> > > 01:08:16: Se3/0:22 CHAP: I SUCCESS id 13 len 4
> > > 01:08:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:22,
> > > changed state to up
> > > 01:08:17: %ISDN-6-DISCONNECT: Interface Serial3/0:22 disconnected from
> > > 1234 r2, call lasted 1 seconds
> > > r1#
> > > 01:08:17: %LINK-3-UPDOWN: Interface Serial3/0:22, changed state to down
> > > 01:08:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:22,
> > > changed state to down
> > > r1#
> > > Vi1: Dialer re-enable time must be greater than serial pulse time: 5
> > > 01:08:21: %LINK-3-UPDOWN: Interface Serial3/0:0, changed state to up
> > > 01:08:21: Se3/0:0 PPP: Using dialer call direction
> > > 01:08:21: Se3/0:0 PPP: Treating connection as a callout
> > > 01:08:21: Se3/0:0 CHAP: I CHALLENGE id 9 len 23 from "r2"
> > > 01:08:21: Se3/0:0 CHAP: O RESPONSE id 9 len 23 from "r1"
> > > 01:08:21: Se3/0:0 CHAP: I SUCCESS id 9 len 4
> > > 01:08:21: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
> > > r1#
> > > 01:08:21: Vi1 PPP: Using dialer call direction
> > > 01:08:21: Vi1 PPP: Treating connection as a callout
> > > r1#
> > > 01:08:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:0,
> > > changed state to up
> > > 01:08:22: %LINEPROTO-5-UPDOWN: Line protocol on Interface
> > > Virtual-Access1, changed state to up
> > > r1#
> > > 01:08:27: %ISDN-6-CONNECT: Interface Serial3/0:0 is now connected to
> > > 1234 r2
> > > r1#
> > > 01:08:42: %ISDN-6-DISCONNECT: Interface Serial3/0:0 disconnected from
> > > 1234 r2, call lasted 20 seconds
> > > r1#
> > > 01:08:42: %LINK-3-UPDOWN: Interface Serial3/0:0, changed state to down
> > > r1#
> > > 01:08:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:0,
> > > changed state to down
> > > 01:08:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface
> > > Virtual-Access1, changed state to down
> > > r1#
> > > r1#
> > > r1#
> > > r1#
> > > r1#
> > > r1#ct
> > > Enter configuration commands, one per line. End with CNTL/Z.
> > > r1(config)#int s3/0:23
> > > r1(config-if)# ppp authentication chap callb
> > > r1(config-if)#^Z
> > > r1#
> > > 01:09:00: %SYS-5-CONFIG_I: Configured from console by console
> > > r1#
> > > r1#
> > > r1#sr int s3/0:23
> > > Building configuration...
> > >
> > > Current configuration : 392 bytes
> > > !
> > > interface Serial3/0:23
> > > ip address 172.16.12.1 255.255.255.0
> > > encapsulation ppp
> > > dialer callback-secure
> > > dialer idle-timeout 20 either
> > > dialer enable-timeout 5
> > > dialer map ip 172.16.12.2 name r2 class CALLB broadcast 1234
> > > dialer-group 1
> > > isdn switch-type primary-ni
> > > isdn protocol-emulate network
> > > isdn T310 30000
> > > ppp callback accept
> > > ppp authentication chap callback
> > > ppp multilink
> > > end
> > >
> > > r1#
> > > 01:09:11: %LINK-3-UPDOWN: Interface Serial3/0:22, changed state to up
> > > r1#
> > > 01:09:11: Se3/0:22 PPP: Using dialer call direction
> > > 01:09:11: Se3/0:22 PPP: Treating connection as a callin
> > > 01:09:11: Se3/0:22 CHAP: I CHALLENGE id 14 len 23 from "r2"
> > > 01:09:11: Se3/0:22 CHAP: O RESPONSE id 14 len 23 from "r1"
> > > 01:09:11: Se3/0:22 CHAP: I SUCCESS id 14 len 4
> > > 01:09:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:22,
> > > changed state to up
> > > 01:09:12: %ISDN-6-CONNECT: Interface Serial3/0:22 is now connected to
>r2
> > > 01:09:12: %ISDN-6-DISCONNECT: Interface Serial3/0:22 disconnected from
> > > r2, call lasted 1 seconds
> > > r1#
> > > 01:09:12: %LINK-3-UPDOWN: Interface Serial3/0:22, changed state to down
> > > 01:09:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:22,
> > > changed state to down
> > > r1#
> > > 01:09:16: %LINK-3-UPDOWN: Interface Serial3/0:0, changed state to up
> > > r1#
> > > Vi1: Dialer re-enable time must be greater than serial pulse time: 5
> > > 01:09:16: Se3/0:0 PPP: Using dialer call direction
> > > 01:09:16: Se3/0:0 PPP: Treating connection as a callout
> > > 01:09:16: Se3/0:0 CHAP: O CHALLENGE id 2 len 23 from "r1"
> > > 01:09:16: Se3/0:0 CHAP: I CHALLENGE id 10 len 23 from "r2"
> > > 01:09:16: Se3/0:0 CHAP: O RESPONSE id 10 len 23 from "r1"
> > > 01:09:16: Se3/0:0 CHAP: I SUCCESS id 10 len 4
> > > 01:09:16: Se3/0:0 CHAP: I RESPONSE id 2 len 23 from "r2"
> > > 01:09:16: Se3/0:0 CHAP: O SUCCESS id 2 len 4
> > > 01:09:16: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
> > > r1#
> > > 01:09:16: Vi1 PPP: Using dialer call direction
> > > 01:09:16: Vi1 PPP: Treating connection as a callout
> > > r1#
> > > 01:09:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0:0,
> > > changed state to up
> > > 01:09:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface
> > > Virtual-Access1, changed state to up
> > > r1#
> > > 01:09:22: %ISDN-6-CONNECT: Interface Serial3/0:0 is now connected to
> > > 1234 r2
> > > r1#
> > > 01:09:37: %ISDN-6-DISCONNECT: Interface Serial3/0:0 disconnected from
> > > 1234 r2, call lasted 20 seconds
> > >
> > > Appreciate your help. thank you - Arif
> > >
> > > _______________________________________________________________________
> > > Please help support GroupStudy by purchasing your study materials from:
> > > http://shop.groupstudy.com
> > >
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> >
> > --
> > Carlos G Mendioroz <tron@huapi.ba.ar> LW7 EQI Argentina
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

• Next message: Vazman@aol.com: "Re: Dialer Watch Puzzle"
• Previous message: Howard C. Berkowitz: "Re: Difference between Layer 2 and Layer 3 switches"
• Maybe in reply to: Arifur Rahman: "callback or callin - please help"
• Next in thread: MMoniz: "RE: callback or callin - please help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Wed Jun 02 2004 - 11:12:12 GMT-3