PPP with PAP and CHAP Authentication

Looking at this web site , in PPP authentication commands:
http://www.howtonetwork.net/public/department98.cfm

When configured PPP with PAP or CHAP authentication, I have noticed the configuration is not the same on both routers that are authenticating each other:



Example for PAP Authentication:
R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window

R3(config)#int s1/1
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window



Example for CHAP Authentication:

R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication chap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window


R3(config-if)#int s1/1 
 R3(config-if)#encapsulation ppp
 R3(config-if)#ppp chap hostname R3
 R3(config-if)#ppp chap password cisco

Open in new window


I wonder if PPP authentication works in Client/Server way ? in the case authentication is set up in Server/Server way, how do we configure that ?
jskfanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

SouljaSenior Network EngineerCommented:
PPP is setup in a client and server way, or better called a peer / authenticator.

How your routers are configured, R3 is the peer or caller, and R1 is the Authenticator or Called.

If you want a two way for of authentication, where R3 verifies R1 also, just add the R1's pap/chap config to R3 and R3's to R1 in addition to the configuration already there.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jskfanAuthor Commented:
Can you just copy and paste from the configuration I posted above, to see what is needed to configure 2 way authentication ?

Thanks
0
jskfanAuthor Commented:
I also am not sure why they put :

on R1:
R1(config)#username R3 password cisco

and on R3:
R3(config-if)#ppp chap hostname R3
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

jskfanAuthor Commented:
For consistency sake:
PPP PAP code above is missing something, it gotto be this way:
R3(config)#int s1/1
R3(config-if)#encapsulation ppp
R3(config-if)# ppp authentication pap
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window

0
jskfanAuthor Commented:
Regarding PAP authentication, disregard the configuration above. This one worked for me:
 R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

Open in new window

0
jskfanAuthor Commented:
ppp
This final configuration worked for me for PAP and CHAP:
PPP with PAP authentication:
in this configuration R1 is PAP Server and R2 is PAP client

R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

=================================

PPP with CHAP authentication:
in this configuration R1 is CHAP Client and R2 is CHAP Server

R1#configure terminal
R1(config)#interface serial 1/0
R1(config-if)ip address 1.1.1.1 255.255.255.0
R1(config-if)#encapsulation ppp 
R1(config-if)#ppp chap hostname R1
R1(config-if)#ppp chap password cisco


R2#configure terminal
R2(config)#username R1 password cisco
R2(config)#interface serial 1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap

=================================

Open in new window

0
jskfanAuthor Commented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.