Hello Experts!
I could really use a little explanation on MPPE with MS-CHAP....docs are a
bit scarce, or I'm just looking in the wrong places...
Please clarify my thoughts...
So here's what I have,
I set up a simple topology (R5--->R4) with one way ms-chap authentication
and MPPE and everything works great.
But, when I attempt two way authentication (with encryption), it fails.
From this I conclude that because of the encryption, the second
authentication attempt fails because
it's not encrypted. Is that the case?
*Working config:*
R4
username R5CHAP password CISCO
interface Serial1/1
ip address 45.0.0.4 255.255.255.0
encapsulation ppp
keepalive 10 3
clock rate 72000
ppp encrypt mppe 128 required
ppp authentication ms-chap
R5
interface Serial1/1
ip address 45.0.0.5 255.255.255.0
encapsulation ppp
keepalive 10 3
ppp encrypt mppe 128
ppp chap hostname R5CHAP
ppp chap password 0 CISCO
*Failing config:*
R4
username R5CHAP password CISCO
interface Serial1/1
ip address 45.0.0.4 255.255.255.0
encapsulation ppp
keepalive 10 3
clock rate 72000
ppp encrypt mppe 128 required
ppp authentication ms-chap
ppp chap hostname R4CHAP
ppp chap password 0 CISCO
R5
username R4CHAP password CISCO
interface Serial1/1
ip address 45.0.0.5 255.255.255.0
encapsulation ppp
keepalive 10 3
ppp encrypt mppe 128 required
ppp authentication ms-chap
ppp chap hostname R5CHAP
ppp chap password 0 CISCO
Thanks!
Blogs and organic groups at http://www.ccie.net
Received on Tue Jul 19 2011 - 21:46:42 ART
This archive was generated by hypermail 2.2.0 : Mon Aug 01 2011 - 06:30:06 ART