From: Elias Chari (elias.chari@gmail.com)
Date: Fri Aug 18 2006 - 17:23:40 ART
No you are not missing anything, the password is required at both ends. The
trick in understanding how to configure CHAP and PAP, one way or two way
authentication, is to understand what type of information is sent by each
router and how the other router uses it.
For example if R1 is challenging R2 via chap, it will challenge R2 and
provide the following info.
1. Hostname
2. Random number
3. Connection id
R2 will identify the password to use based on the username received and will
use the random number, connection id and password, pass through the MD5
algorithm and produce a hash. The response back to R1 will contain the
hostname, connection id and the hash.
R1 will use the same info, i.e connection id, random number (which was
cached) and password. If the hash produced matches the one received from R2,
then the authentication is successful.
Rgds
Elias
On 8/18/06, trevelle@wowway.com <trevelle@wowway.com> wrote:
>
> I am working on internetworkExpert lap 4 HDLC/PPP portion. The task at
> hand is for R5 to request that R4 authenticate VIA PPP with a MD5 hash value
> that represent the password CISCO. I got it to work using the current
> config, but the configuration guide does not use ppp chap password 0 CISCO
> command on R4. When I take the command out the ser 0/1 interfaceS goes down.
> Am I missing something?
>
>
>
>
>
>
> R5
> username Rack1R4 password 0 CISCO
>
> interface Serial0/1
> ip address 141.1.45.5 255.255.255.0
> encapsulation ppp
> ppp authentication chap
>
>
> R4
> username Rack1R5 password 0 CISCO
>
> interface Serial0/1
> ip address 141.1.45.4 255.255.255.0
> encapsulation ppp
> ppp chap password 0 CISCO
> end
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:57 ART