Re: Different CHAP passwords for bidirectional authentication

From: Jim (nhatquang@thiennam.org)
Date: Wed May 04 2005 - 02:32:27 GMT-3

• Next message: Jim: "Re: Neighbor Statement on Both Sides"
• Previous message: Jim: "Re: 0.0.0.1 on OSPF hello"
• Maybe in reply to: Bob Nelson: "Different CHAP passwords for bidirectional authentication"
• Next in thread: bi.s: "Re: Different CHAP passwords for bidirectional authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> r2
> username r5 password cisco
> !
> int bri0/0
> ppp authentication chap
> ppp chap password bob
>
> r5
> username r2 password bob
> !
> int bri0/0
> ppp authentication chap

1/ r2 ( IN) <-- r5 + challenge
2/ r2 look up record matches hostname r5 -> password : cisco
3/ md5 ( cisco + challenge) -> (OUT) bob + challenge to r5
4/ r5 ( IN) <-- bob + challenge
5/ r5 looks up record matces hostname bob and find no record -->
authentication's failed.

I'm not sure that we can use seperate username/password combination but 4
me, router supposes that it must use identical username for both in&out
direction.

Jim

----- Original Message -----
From: <eward15@juno.com>
To: <nelsnjr@cox.net>
Cc: <ccielab@groupstudy.com>
Sent: Wednesday, May 04, 2005 8:16 AM
Subject: Re: Different CHAP passwords for bidirectional authentication

> What password is r5 sending to r2? Do a "debug ppp auth" and see what
> you get.
>
> Eugene Ward
>
> -----------------------------------------------------------------------
>
> Hello Everyone:
>
> I am trying to configure bidirectional CHAP authentication between two
> routers.
> It works using the standard configs on both sides
> r2
> username r5 password cisco
> !
> int bri0/0
> ppp authentication chap
>
> r5
> username r2 password cisco
> !
> int bri0/0
> ppp authentication chap
>
> What I was trying to do is use a separate password for r2-to-r5
> authentication and a different one for r5-to-r2
> by doing this.
> r2
> username r5 password cisco
> !
> int bri0/0
> ppp authentication chap
> ppp chap password bob
>
> r5
> username r2 password bob
> !
> int bri0/0
> ppp authentication chap
>
> No luck!!
>
> I even tried using the ppp chap password cisco on the r5 side
> specifying cisco as the password, but no luck either.
>
> Should this work or have I missed something.
> I would like to see if it is possible to use a separate username/password
> combination
> for each side of the authentication.
>
> Thanks
> Bob
>
> ___________________________________________________________________
> Speed up your surfing with Juno SpeedBand.
> Now includes pop-up blocker!
> Only $14.95/month -visit http://www.juno.com/surf to sign up today!
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Jim: "Re: Neighbor Statement on Both Sides"
• Previous message: Jim: "Re: 0.0.0.1 on OSPF hello"
• Maybe in reply to: Bob Nelson: "Different CHAP passwords for bidirectional authentication"
• Next in thread: bi.s: "Re: Different CHAP passwords for bidirectional authentication"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:56 GMT-3