From: Derek Pocoroba (dpocoroba@gmail.com)
Date: Wed Jul 18 2007 - 18:02:28 ART
Ben,
I believe the reason the direction is needed is that PPP doenst really have
any direction by default. With that i mean its treated as a dedicated line.
When you configure the callin/out your simulating a more client/server
setup.
The side with the "callin" will then be the one to "Waiting for Peer to
authenticate first" you can see this in the debugs.
"ppp chap wait" is on be default
without direction configured
*Mar 1 00:17:16.278: %LINK-3-UPDOWN: Interface Serial0/1, changed state to
up
*Mar 1 00:17:16.278: Se0/1 PPP: Using default call direction
*Mar 1 00:17:16.278: Se0/1 PPP: Treating connection as a dedicated line
*Mar 1 00:17:16.278: Se0/1 PPP: Authorization required
*Mar 1 00:17:16.290: Se0/1 CHAP: O CHALLENGE id 3 len 28 from "Rack1R5"
*Mar 1 00:17:16.294: Se0/1 CHAP: I CHALLENGE id 3 len 28 from "Rack1R4"
*Mar 1 00:17:16.298: Se0/1 CHAP: Using hostname from unknown source
*Mar 1 00:17:16.302: Se0/1 CHAP: Using password from AAA
*Mar 1 00:17:16.302: Se0/1 CHAP: O RESPONSE id 3 len 28 from "Rack1R5"
*Mar 1 00:17:16.306: Se0/1 CHAP: I RESPONSE id 3 len 28 from "Rack1R4"
*Mar 1 00:17:16.310: Se0/1 PPP: Sent CHAP LOGIN Request
Rack1R5(config-if)#
*Mar 1 00:17:16.314: Se0/1 PPP: Received LOGIN Response PASS
*Mar 1 00:17:16.314: Se0/1 PPP: Sent LCP AUTHOR Request
*Mar 1 00:17:16.318: Se0/1 LCP: Received AAA AUTHOR Response PASS
*Mar 1 00:17:16.318: Se0/1 CHAP: O SUCCESS id 3 len 4
*Mar 1 00:17:16.322: Se0/1 CHAP: I SUCCESS id 3 len 4
Rack1R5(config-if)#
*Mar 1 00:17:17.324: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Serial0/1, changed state to up
with direction configured
*Mar 1 00:20:02.807: %LINK-3-UPDOWN: Interface Serial0/1, changed state to
up
*Mar 1 00:20:02.807: Se0/1 PPP: Using configured call direction
*Mar 1 00:20:02.807: Se0/1 PPP: Treating connection as a callin
*Mar 1 00:20:02.811: Se0/1 PPP: Authorization required
*Mar 1 00:20:02.819: Se0/1 CHAP: O CHALLENGE id 4 len 28 from "Rack1R5"
*Mar 1 00:20:02.823: Se0/1 CHAP: I CHALLENGE id 4 len 28 from "Rack1R4"
*Mar 1 00:20:02.823: Se0/1 CHAP: Waiting for Peer to authenticate first
*Mar 1 00:20:02.835 : Se0/1 CHAP: I RESPONSE id 4 len 28 from "Rack1R4"
*Mar 1 00:20:02.843: Se0/1 PPP: Sent CHAP LOGIN Request
*Mar 1 00:20:02.843: Se0/1 PPP: Received LOGIN Response PASS
*Mar 1 00:20:02.847: Se0/1 PPP: Sent LCP AUTHOR Request
Rack1R5(config-if)#
*Mar 1 00:20:02.851: Se0/1 CHAP: Using hostname from unknown source
*Mar 1 00:20:02.851: Se0/1 CHAP: Using password from AAA
*Mar 1 00:20:02.851: Se0/1 CHAP: O RESPONSE id 4 len 28 from "Rack1R5"
*Mar 1 00:20:02.855: Se0/1 LCP: Received AAA AUTHOR Response PASS
*Mar 1 00:20:02.855: Se0/1 CHAP: O SUCCESS id 4 len 4
*Mar 1 00:20:02.875: Se0/1 CHAP: I SUCCESS id 4 len 4
Rack1R5(config-if)#
*Mar 1 00:20: 03.877: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Serial0/1, changed state to up
Rack1R5(config-if)#
HTH
-Derek
On 7/18/07, Ben <bmunyao@gmail.com> wrote:
>
> Hi
>
> Is there any difference in the way the following two configs work? The
> scenario asks for R4 to wait for R5 to authenticate before R4 also gets
> authenticated.
>
> 1. ppp direction
>
> R4
> int s0/1
> encap ppp
> ppp authe chap
> ppp direction call-in
> R5
> int s0/1
> encap ppp
> ppp authe chap
> ppp direction call-out
>
> 2. ppp chap wait
>
> R4
> int s0/1
> encap ppp
> ppp authe chap
> ppp chap wait
> R5
> int s0/1
> encap ppp
> ppp authe chap
>
>
> Ben
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:41 ART