From: Sean C (Upp_and_Upp@hotmail.com)
Date: Wed May 11 2005 - 11:30:35 GMT-3
Ok, just when I thought I stopped my little head from spinning, a person wrote
to me offline and brought up a good PPP question that now has me baffled also.
I tried Googling and searching the archives but nada... I found one vendor
alluded to this in their own forum, but no real explanation for the solution.
ppp chap wait: To specify that the router will not authenticate to a peer
requesting Challenge Handshake Authentication Protocol (CHAP) authentication
until after the peer has authenticated itself to the router, use the ppp chap
wait command in interface configuration mode.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/secur
_r/sec_p1g.htm#wp1070281
The perplexing part is that the doc says this command is enabled by default.
So the question is if ppp chap wait is enabled by default and both routers'
ints have this enabled, what makes the 2 routers finally authenticate
properly? The doc makes it read as if both routers will play a game of
chicken, waiting for the other side to be authenticated first before it allows
itself to be authenticated. Since each router is waiting for the other side
to be authenticated first, neither side will ever be authenticated. Arggh!!!
Any suggestions/hints of advice would be appreciated....
Sean
----- Original Message -----
From: Sean C
To: GroupStudy
Sent: Tuesday, May 10, 2005 4:17 PM
Subject: Ways of Callback PPP/ISDN/Dialer
Hello,
Just when I think I have the hang of something, I reread, I relab and my
head is all (re)screwed up again. I'm trying to understand all the ways to
utilize a callback function. From the perspective of the router that receives
the initial call and then calls the original calling router back, I've found 3
different methods:
1- dialer string class callback:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dia
l_r/dia_d1g.htm#wp1019588
Used in conjunction with: dialer callback-server:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dia
l_r/dia_d1g.htm#wp1105126
Used in conjunction with: ppp callback-accept:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dia
l_r/dia_n1g.htm#wp1134019
If using this trio of commands, requires PPP authentication.
Also, even though the doc says dialer callback-server is an interface
command, I've only ever seen it applied under a map-class.
2- dialer caller callback
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dia
l_r/dia_d1g.htm#wp1120901
Does not require PPP authentication
3- isdn caller callback
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dia
l_r/dia_i2g.htm#wp1052104
I'm not sure if this requires PPP authentication, but my bet is that it
doesn't (like dialer caller callback).
Can anyone comment or offer any alternatives, corrections? As always, most
appreciated,
Sean
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:57 GMT-3