From: Tim Chan (timanji@yahoo.com)
Date: Sun Sep 03 2006 - 18:03:36 ART
No confusion here. I just needed some clarification on why "ppp chap wait" was not
the correct solution when the definition of the statement appears to be the answer.
It seems more clear in the debugs. When you configure with "callin" and "callout",
the debugs show a line that says "Waiting for Peer to authenticate first", whereas
using "ppp chap wait" does not.
----- Original Message ----
From: sabrina pittarel <sabri_esame@yahoo.com>
To: Tim Chan <timanji@yahoo.com>
Cc: ccielab@groupstudy.com
Sent: Sunday, September 3, 2006 1:47:44 PM
Subject: Re: ppp chap wait
Which in this case it did.
"RouterA and RouterB should authenticate each other across the PPP link.
Configure RouterA so that it will not respond to CHAP authentication request
before RouterB has been successfully authenticated."
----- Original Message ----
From: sabrina pittarel <sabri_esame@yahoo.com>
To: Petr Lapukhov <petr@internetworkexpert.com>; Sean C. <Upp_and_Upp@hotmail.com>
Cc: Tim Chan <timanji@yahoo.com>; ccielab@groupstudy.com
Sent: Sunday, September 3, 2006 11:34:30 AM
Subject: Re: ppp chap wait
Now you got me thinking....I'm moving away a little from the ppp chap wait command
Usually when we want one side to authenticate the other, but not viceversa we configure "ppp authentication" of the authenticator side and only the ppp credentials on the remote
Another way on implementing the same would be then to configure on
* the authenticator side
ppp direction callin
ppp authentication chap callin
* the authenticating side as:
ppp direction callout
ppp authentication chap callin
Assuming the task explicitly ask to meet the requirement while configuring authentication on both sides.
Sabrina
----- Original Message ----
From: Petr Lapukhov <petr@internetworkexpert.com>
To: Sean C. <Upp_and_Upp@hotmail.com>
Cc: Tim Chan <timanji@yahoo.com>; ccielab@groupstudy.com
Sent: Sunday, September 3, 2006 7:19:23 AM
Subject: Re: ppp chap wait
The trick is that is says "wait for caller".
If you have a leased line, ppp direction is "dedicated" by default,
and "chap wait" does make sense.
You need to set up one end as "ppp direction callin" and another
as "ppp direction callout" to simulate "dialup" situation.
HTH
2006/9/3, Sean C. <Upp_and_Upp@hotmail.com>:
>
> Hi Tim,
>
> There was a good thread on this last year on GS. Not sure if this will
> help
> you out, but pay attention to Marvin's last email:
> http://www.groupstudy.com/archives/ccielab/200503/threads.html#00604
>
> HTH,
> Sean
> ----- Original Message -----
> From: "Tim Chan" <timanji@yahoo.com>
> To: <ccielab@groupstudy.com>
> Sent: Saturday, September 02, 2006 4:19 PM
> Subject: ppp chap wait
>
>
> Hi all,
>
> I know this might seem a bit obvious, but can someone explain the command
> "ppp chap wait"?
>
> According to the doccd:
> "To specify that the router will not authenticate to a peer requesting
> CHAP
> authentication until after the peer has authenticated itself to the
> router."
>
> But it's also enabled by default. That being the case, if two routers are
> trying to authenticate each
> other, then wouldn't they never come up because they are both waiting for
> each other to authenticate first?
> (Which I know does not happen.)
>
> I'm asking because in IEWB lab 18, task 3.1 says to make sure that R4
> doesn't respond to chap
> authentication before R5 has been successfully authenticated.
>
> The definition of "ppp chap wait" would appear to be the solution, but it
> isn't.
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- Petr Lapukhov, CCIE #16379 petr@internetworkexpert.comInternetwork Expert, Inc. http://www.InternetworkExpert.com Toll Free: 877-224-8987 Outside US: 775-826-4344
This archive was generated by hypermail 2.1.4 : Sun Oct 01 2006 - 16:55:39 ART