Solved

PPP with PAP and CHAP Authentication

Posted on 2014-11-26
7
262 Views
Last Modified: 2014-11-28
Looking at this web site , in PPP authentication commands:
http://www.howtonetwork.net/public/department98.cfm

When configured PPP with PAP or CHAP authentication, I have noticed the configuration is not the same on both routers that are authenticating each other:



Example for PAP Authentication:
R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window

R3(config)#int s1/1
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window



Example for CHAP Authentication:

R1(config)#int s1/1
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication chap
 R1(config-if)#exit
 R1(config)#username R3 password cisco

Open in new window


R3(config-if)#int s1/1 
 R3(config-if)#encapsulation ppp
 R3(config-if)#ppp chap hostname R3
 R3(config-if)#ppp chap password cisco

Open in new window


I wonder if PPP authentication works in Client/Server way ? in the case authentication is set up in Server/Server way, how do we configure that ?
0
Comment
Question by:jskfan
  • 6
7 Comments
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 40467589
PPP is setup in a client and server way, or better called a peer / authenticator.

How your routers are configured, R3 is the peer or caller, and R1 is the Authenticator or Called.

If you want a two way for of authentication, where R3 verifies R1 also, just add the R1's pap/chap config to R3 and R3's to R1 in addition to the configuration already there.
0
 

Author Comment

by:jskfan
ID: 40467705
Can you just copy and paste from the configuration I posted above, to see what is needed to configure 2 way authentication ?

Thanks
0
 

Author Comment

by:jskfan
ID: 40467986
I also am not sure why they put :

on R1:
R1(config)#username R3 password cisco

and on R3:
R3(config-if)#ppp chap hostname R3
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:jskfan
ID: 40470326
For consistency sake:
PPP PAP code above is missing something, it gotto be this way:
R3(config)#int s1/1
R3(config-if)#encapsulation ppp
R3(config-if)# ppp authentication pap
R3(config-if)#ppp pap sent-username R3 password cisco

Open in new window

0
 

Author Comment

by:jskfan
ID: 40470385
Regarding PAP authentication, disregard the configuration above. This one worked for me:
 R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

Open in new window

0
 

Author Comment

by:jskfan
ID: 40470445
ppp
This final configuration worked for me for PAP and CHAP:
PPP with PAP authentication:
in this configuration R1 is PAP Server and R2 is PAP client

R1(config)#int s1/0
 R1(config-if)ip address 1.1.1.1 255.255.255.0
 R1(config-if)#encapsulation ppp 
 R1(config-if)#ppp authentication pap
 R1(config-if)#exit
 R1(config)#username R2 password cisco

R2(config)#int s1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp 
R2(config-if)#ppp pap sent-username R2 password cisco

=================================

PPP with CHAP authentication:
in this configuration R1 is CHAP Client and R2 is CHAP Server

R1#configure terminal
R1(config)#interface serial 1/0
R1(config-if)ip address 1.1.1.1 255.255.255.0
R1(config-if)#encapsulation ppp 
R1(config-if)#ppp chap hostname R1
R1(config-if)#ppp chap password cisco


R2#configure terminal
R2(config)#username R1 password cisco
R2(config)#interface serial 1/0
R2(config-if)ip address 1.1.1.2 255.255.255.0
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap

=================================

Open in new window

0
 

Author Closing Comment

by:jskfan
ID: 40470447
Thanks
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial will go through the steps required to write a script that will back up the configuration settings of a HP-ProCurve switch. You will need to get the following things to follow this tutorial: Telnet Scripting Tool e.g. TST10.exe …
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now