?
Solved

PPP with PAP and CHAP Authentication

Posted on 2014-11-26
7
Medium Priority
?
314 Views
Last Modified: 2014-11-28
Looking at this web site , in PPP authentication commands:
http://www.howtonetwork.net/public/department98.cfm

When configured PPP with PAP or CHAP authentication, I have noticed the configuration is not the same on both routers that are authenticating each other:



Example for PAP Authentication:
R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window

R3(config)#int s1/1
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window



Example for CHAP Authentication:

R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication chap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window


R3(config-if)#int s1/1 
 R3(config-if)#encapsulation ppp
 R3(config-if)#ppp chap hostname R3
 R3(config-if)#ppp chap password cisco

Open in new window


I wonder if PPP authentication works in Client/Server way ? in the case authentication is set up in Server/Server way, how do we configure that ?
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
7 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 1500 total points
ID: 40467589
PPP is setup in a client and server way, or better called a peer / authenticator.

How your routers are configured, R3 is the peer or caller, and R1 is the Authenticator or Called.

If you want a two way for of authentication, where R3 verifies R1 also, just add the R1's pap/chap config to R3 and R3's to R1 in addition to the configuration already there.
0
 

Author Comment

by:jskfan
ID: 40467705
Can you just copy and paste from the configuration I posted above, to see what is needed to configure 2 way authentication ?

Thanks
0
 

Author Comment

by:jskfan
ID: 40467986
I also am not sure why they put :

on R1:
R1(config)#username R3 password cisco

and on R3:
R3(config-if)#ppp chap hostname R3
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:jskfan
ID: 40470326
For consistency sake:
PPP PAP code above is missing something, it gotto be this way:
R3(config)#int s1/1
R3(config-if)#encapsulation ppp
R3(config-if)# ppp authentication pap
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window

0
 

Author Comment

by:jskfan
ID: 40470385
Regarding PAP authentication, disregard the configuration above. This one worked for me:
 R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

Open in new window

0
 

Author Comment

by:jskfan
ID: 40470445
ppp
This final configuration worked for me for PAP and CHAP:
PPP with PAP authentication:
in this configuration R1 is PAP Server and R2 is PAP client

R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

=================================

PPP with CHAP authentication:
in this configuration R1 is CHAP Client and R2 is CHAP Server

R1#configure terminal
R1(config)#interface serial 1/0
R1(config-if)ip address 1.1.1.1 255.255.255.0
R1(config-if)#encapsulation ppp 
R1(config-if)#ppp chap hostname R1
R1(config-if)#ppp chap password cisco


R2#configure terminal
R2(config)#username R1 password cisco
R2(config)#interface serial 1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap

=================================

Open in new window

0
 

Author Closing Comment

by:jskfan
ID: 40470447
Thanks
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question