From: Greg Wendel (gwendel@gmail.com)
Date: Sun Jun 17 2007 - 12:54:07 ART
Scott,
I would only add that I needed to add ppp pap sent-username command on the
calling router and the username on the called router to get the link to come
up.
On 6/17/07, Scott Morris <smorris@ipexpert.com> wrote:
>
> You don't need to worry about the callout part. On serial lines, you are
> "always up" so this adds to the complication.
>
> Instead, use the "ppp authentication" command ONLY on the side you want to
> issue the authentication request from. The other side doesn't need
> anything, and will still respond to a challenge.
>
> Look at "debug ppp authentication" to watch the process.
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
> #153, CISSP, et al.
> CCSI/JNCI-M/JNCI-J
> VP - Technical Training - IPexpert, Inc.
> IPexpert Sr. Technical Instructor
>
> A Cisco Learning Partner - We Accept Learning Credits!
>
> smorris@ipexpert.com
>
> Telephone: +1.810.326.1444
> Fax: +1.810.454.0130
> http://www.ipexpert.com
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Ovidiu Neghina
> Sent: Sunday, June 17, 2007 10:09 AM
> To: Cisco certification
> Subject: Re: unidirectional ppp authentication on serial interface
>
> Me again....
> After specifying the direction in each side it worked:
> On R3 that I wanted to be the one that authenticates:
> ppp direction callin
> On R2 the client being authenticated:
> ppp direction callout
>
> sorry for the spam
>
> Ovid
>
>
> On 6/17/07, Ovidiu Neghina <o.neghina@gmail.com> wrote:
> >
> > Hi dear all.
> > I have R2----------R3 connected through a serial link. I want only R3
> > to authenticate R2.
> >
> >
> > R3#sh run | i user
> > username R2 password 0 CISCO
> > R3#
> >
> > R3#sh run int ser 0/2/1
> > Building configuration...
> >
> > Current configuration : 123 bytes
> > !
> > interface Serial0/2/1
> > ip address 10.0.0.3 255.0.0.0
> > encapsulation ppp
> > clock rate 2000000
> > ppp authentication pap
> > end
> >
> > R2#sh run int ser 0/1/1
> > Building configuration...
> >
> > Current configuration : 153 bytes
> > !
> > interface Serial0/1/1
> > ip address 10.0.0.2 255.0.0.0
> > encapsulation ppp
> > ppp authentication pap callin
> > ppp pap sent-username R2 password 0 CISCO end
> >
> >
> >
> > It does not work. At debug ppp negotiation it says
> > R3#sh log | i PPP
> > *Jun 17 13:44:54.955 : Se0/2/1 PPP: Authorization required
> > R3#
> > I have read
> >
>
> http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a0080
> 093c6f.shtml
> >
> > where unidirectional authentication is explained but over BRI
> > interfaces...
> > I think unidirectional ppp authentication is only for dial enviroment
> and
> > will not work for this setup.
> >
> > Could you confirm this please ?
> >
> > best regards
> > Ovi
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
-- Gregory Wendel Springfield VA, 22153
This archive was generated by hypermail 2.1.4 : Sun Jul 01 2007 - 17:24:49 ART