RE: MPPE - (Microsoft PPP Encryption) - anyone know how to

Beefmo,

You can run PPP mppe on serial interfaces. However, the trick to it is that you must use MS-chap authentication (makes sense since it was designed to terminate Microsoft VPN tunnels). Since this is encryption, I would recommend that you get your authentication working first on the PPP link and then enable mppe. Certain things have to match on both ends such as strength (options are 40 & 128) and whether encryption is required or not. Note that there are some options such as auto for the key strength that you can use as well. I would recommend that you look at the various settings for the command and then test them out in a lab so you understand what settings work and what settings do not work. The good news is that it is only 1 command :)

HTH,

Nathan

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Beefmo
Sent: Thursday, May 06, 2010 6:17 AM
To: ccielab_at_groupstudy.com
Subject: MPPE - (Microsoft PPP Encryption) - anyone know how to implement this on a serial link?

Can anyone explain to me or point me to a link that shows how we'd implement
MPPE? (haha, everyone's like "wtf is mppe?")

What I do know is that it's Microsoft Point-to-Point Encryption and is
supported by Cisco as a means of encrypting PPP or PPTP. This is where I get
lost, is it just another authentication method negotiated at LCP? Or is it
only valid inside a PPTP tunnel?

What I can find of it on the Cisco site seems divided between using it with
PPP and using it with PPTP. It seems to be more of a tech to use in a
client/server VPN situation but I'd like to know how we can run it across a
serial link between two Cisco devices. I guess my understanding of PPTP is
lacking too. Any security guys help me out here?
Thanks in advance!

Blogs and organic groups at http://www.ccie.net
Received on Thu May 06 2010 - 08:42:48 ART