RE: MPPE - (Microsoft PPP Encryption) with PPP reliable link

Hi Guys,
Can someone please explain the following

1. some of the options in using the "ppp mppe encrypt" command such as
stateful,required and passive

2.Also how can i use this feature withe ppp reliable link.

3. Am presently doing a demo on Gns3. I have two point to point links set up
using PPP Chap authentication. I enable MPPE encrypt auto on both sides of the
link. Then enabled PPP reliable link on both sides. Everything looks fine
initailly . But after a while the line protocol went down.

When i removed the ppp reliable link on one of the links the line protocol
came up. I dont understand why??

Can someone pls explain??

Regards,
Abiola

--- On Thu, 5/6/10, Nathan Richie <nathanr_at_boice.net> wrote:

From: Nathan Richie <nathanr_at_boice.net>
Subject: RE: MPPE - (Microsoft PPP Encryption) - anyone know how to implement
this on a serial link?
To: "Beefmo" <groupstudy_at_nyms.net>, "ccielab_at_groupstudy.com"
<ccielab_at_groupstudy.com>
Date: Thursday, May 6, 2010, 5:42 AM

Beefmo,

You can run PPP mppe on serial interfaces. However, the trick to it is that
you must use MS-chap authentication (makes sense since it was designed to
terminate Microsoft VPN tunnels). Since this is encryption, I would recommend
that you get your authentication working first on the PPP link and then enable
mppe. Certain things have to match on both ends such as strength (options are
40 & 128) and whether encryption is required or not. Note that there are some
options such as auto for the key strength that you can use as well. I would
recommend that you look at the various settings for the command and then test
them out in a lab so you understand what settings work and what settings do
not work. The good news is that it is only 1 command :)

HTH,

Nathan

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Beefmo
Sent: Thursday, May 06, 2010 6:17 AM
To: ccielab_at_groupstudy.com
Subject: MPPE - (Microsoft PPP Encryption) - anyone know how to implement this
on a serial link?

Can anyone explain to me or point me to a link that shows how we'd implement
MPPE? (haha, everyone's like "wtf is mppe?")

What I do know is that it's Microsoft Point-to-Point Encryption and is
supported by Cisco as a means of encrypting PPP or PPTP. This is where I get
lost, is it just another authentication method negotiated at LCP? Or is it
only valid inside a PPTP tunnel?

What I can find of it on the Cisco site seems divided between using it with
PPP and using it with PPTP. It seems to be more of a tech to use in a
client/server VPN situation but I'd like to know how we can run it across a
serial link between two Cisco devices. I guess my understanding of PPTP is
lacking too. Any security guys help me out here?
Thanks in advance!

Blogs and organic groups at http://www.ccie.net
Received on Fri May 07 2010 - 03:46:23 ART