Solved

PPP with PAP and CHAP Authentication

Posted on 2014-11-26
7
280 Views
Last Modified: 2014-11-28
Looking at this web site , in PPP authentication commands:
http://www.howtonetwork.net/public/department98.cfm

When configured PPP with PAP or CHAP authentication, I have noticed the configuration is not the same on both routers that are authenticating each other:



Example for PAP Authentication:
R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window

R3(config)#int s1/1
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window



Example for CHAP Authentication:

R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication chap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window


R3(config-if)#int s1/1 
 R3(config-if)#encapsulation ppp
 R3(config-if)#ppp chap hostname R3
 R3(config-if)#ppp chap password cisco

Open in new window


I wonder if PPP authentication works in Client/Server way ? in the case authentication is set up in Server/Server way, how do we configure that ?
0
Comment
Question by:jskfan
  • 6
7 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 40467589
PPP is setup in a client and server way, or better called a peer / authenticator.

How your routers are configured, R3 is the peer or caller, and R1 is the Authenticator or Called.

If you want a two way for of authentication, where R3 verifies R1 also, just add the R1's pap/chap config to R3 and R3's to R1 in addition to the configuration already there.
0
 

Author Comment

by:jskfan
ID: 40467705
Can you just copy and paste from the configuration I posted above, to see what is needed to configure 2 way authentication ?

Thanks
0
 

Author Comment

by:jskfan
ID: 40467986
I also am not sure why they put :

on R1:
R1(config)#username R3 password cisco

and on R3:
R3(config-if)#ppp chap hostname R3
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jskfan
ID: 40470326
For consistency sake:
PPP PAP code above is missing something, it gotto be this way:
R3(config)#int s1/1
R3(config-if)#encapsulation ppp
R3(config-if)# ppp authentication pap
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window

0
 

Author Comment

by:jskfan
ID: 40470385
Regarding PAP authentication, disregard the configuration above. This one worked for me:
 R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

Open in new window

0
 

Author Comment

by:jskfan
ID: 40470445
ppp
This final configuration worked for me for PAP and CHAP:
PPP with PAP authentication:
in this configuration R1 is PAP Server and R2 is PAP client

R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

=================================

PPP with CHAP authentication:
in this configuration R1 is CHAP Client and R2 is CHAP Server

R1#configure terminal
R1(config)#interface serial 1/0
R1(config-if)ip address 1.1.1.1 255.255.255.0
R1(config-if)#encapsulation ppp 
R1(config-if)#ppp chap hostname R1
R1(config-if)#ppp chap password cisco


R2#configure terminal
R2(config)#username R1 password cisco
R2(config)#interface serial 1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap

=================================

Open in new window

0
 

Author Closing Comment

by:jskfan
ID: 40470447
Thanks
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question