RE: unidirectional ppp authentication on serial interface

From: Scott Morris (smorris@ipexpert.com)
Date: Sun Jun 17 2007 - 12:31:05 ART

• Next message: Greg Wendel: "Re: unidirectional ppp authentication on serial interface"
• Previous message: Scott Morris: "RE: Burssels LAB spoiled choice!!!"
• Maybe in reply to: Ovidiu Neghina: "unidirectional ppp authentication on serial interface"
• Next in thread: Greg Wendel: "Re: unidirectional ppp authentication on serial interface"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You don't need to worry about the callout part. On serial lines, you are
"always up" so this adds to the complication.

Instead, use the "ppp authentication" command ONLY on the side you want to
issue the authentication request from. The other side doesn't need
anything, and will still respond to a challenge.

Look at "debug ppp authentication" to watch the process.

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI-M/JNCI-J
VP - Technical Training - IPexpert, Inc.
IPexpert Sr. Technical Instructor
 
A Cisco Learning Partner - We Accept Learning Credits!
 
smorris@ipexpert.com
 
Telephone: +1.810.326.1444
Fax: +1.810.454.0130
http://www.ipexpert.com
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Ovidiu Neghina
Sent: Sunday, June 17, 2007 10:09 AM
To: Cisco certification
Subject: Re: unidirectional ppp authentication on serial interface

Me again....
After specifying the direction in each side it worked:
On R3 that I wanted to be the one that authenticates:
ppp direction callin
On R2 the client being authenticated:
 ppp direction callout

sorry for the spam

Ovid

On 6/17/07, Ovidiu Neghina <o.neghina@gmail.com> wrote:
>
> Hi dear all.
> I have R2----------R3 connected through a serial link. I want only R3
> to authenticate R2.
>
>
> R3#sh run | i user
> username R2 password 0 CISCO
> R3#
>
> R3#sh run int ser 0/2/1
> Building configuration...
>
> Current configuration : 123 bytes
> !
> interface Serial0/2/1
> ip address 10.0.0.3 255.0.0.0
> encapsulation ppp
> clock rate 2000000
> ppp authentication pap
> end
>
> R2#sh run int ser 0/1/1
> Building configuration...
>
> Current configuration : 153 bytes
> !
> interface Serial0/1/1
> ip address 10.0.0.2 255.0.0.0
> encapsulation ppp
> ppp authentication pap callin
> ppp pap sent-username R2 password 0 CISCO end
>
>
>
> It does not work. At debug ppp negotiation it says
> R3#sh log | i PPP
> *Jun 17 13:44:54.955 : Se0/2/1 PPP: Authorization required
> R3#
> I have read
>
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a0080
093c6f.shtml
>
> where unidirectional authentication is explained but over BRI
> interfaces...
> I think unidirectional ppp authentication is only for dial enviroment and
> will not work for this setup.
>
> Could you confirm this please ?
>
> best regards
> Ovi

• Next message: Greg Wendel: "Re: unidirectional ppp authentication on serial interface"
• Previous message: Scott Morris: "RE: Burssels LAB spoiled choice!!!"
• Maybe in reply to: Ovidiu Neghina: "unidirectional ppp authentication on serial interface"
• Next in thread: Greg Wendel: "Re: unidirectional ppp authentication on serial interface"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART