Re: chap authentication

From: Robert DeVito (robertdevito@xxxxxxxxxxx)
Date: Sat Feb 10 2001 - 03:05:26 GMT-3

   
You should remove the phone number on R6's dialer map, other then that it
looks good.

Robert

----Original Message Follows----
From: "John Kaberna" <jkaberna@netcginc.com>
Reply-To: "John Kaberna" <jkaberna@netcginc.com>
To: "Simon Baxter" <Simon.Baxter@au.logical.com>, "K. Radecki"
<kradecki@yahoo.com>, <ccielab@groupstudy.com>
Subject: Re: chap authentication
Date: Fri, 9 Feb 2001 18:46:22 -0800

Looks like this list doesn't allow attachments. Oops. Here they are....

hostname router5
!
!
ipx routing 0000.0c3d.fc4c
isdn switch-type basic-dms100
!
!
  !
  !
  process-max-time 200
  !
  interface Loopback0
  ip address 150.4.5.1 255.255.255.0
!
interface Ethernet0
  ip address 150.4.50.1 255.255.255.0
  ipx network 50
!
interface Serial0
  no ip address
  no ip mroute-cache
  shutdown
  no fair-queue
!
interface Serial1
  ip address 150.4.1.5 255.255.255.240
  encapsulation frame-relay
  ip ospf network point-to-multipoint
  ipx network 4
  frame-relay map ipx 4.00e0.b063.fa21 503 broadcast
  frame-relay map ip 150.4.1.2 503 broadcast
  frame-relay map ip 150.4.1.3 503 broadcast
  frame-relay map ipx 4.00e0.b064.7143 503 broadcast
  no frame-relay inverse-arp
!
interface BRI0
  ip address 150.4.56.1 255.255.255.252
  encapsulation ppp
  ip ospf demand-circuit
  dialer map ipx 56.0060.5cf3.8b33 name r6 broadcast 4930622
  dialer map ip 150.4.56.2 name r6 broadcast 4930622
  dialer-group 1
  ipx network 56
  no ipx route-cache
  ipx watchdog-spoof
  ipx spx-spoof
  isdn switch-type basic-dms100
  isdn spid1 81049306240101 4930624
  isdn spid2 81049306250101 4930625
  no cdp enable
  ppp authentication chap callin
  ppp chap hostname test5
  ppp chap password 7 02050D480809
  hold-queue 75 in
!
router ospf 1
  network 150.4.1.5 0.0.0.0 area 1
  network 150.4.5.1 0.0.0.0 area 1
  network 150.4.50.1 0.0.0.0 area 5
  network 150.4.56.1 0.0.0.0 area 4
  area 1 virtual-link 150.4.3.1
  area 4 virtual-link 150.4.6.1
  no ospf auto-cost
!
ip classless
!
access-list 901 deny rip any all any
access-list 901 deny sap any all any
access-list 901 deny any any 457
access-list 901 permit any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx list 901
!
!
!
ipx router eigrp 1
  network 4
  network 50
!
!
ipx router rip
  no network 50
  no network 4
!
!
!
bridge 1 protocol ieee

-------------------------------------------------------------------------

hostname r6
!
!
username test5 password 0 cisco
ipx routing 0060.5cf3.8b33
isdn switch-type basic-dms100
!
!
  !
  !
  process-max-time 200
  !
  interface Loopback0
  ip address 150.4.6.1 255.255.255.0
!
interface Ethernet0
  ip address 150.4.4.6 255.255.255.0
  bandwidth 11
  ipx network 1
  ipx update interval sap passive
  no fair-queue
!
interface Serial0
  ip address 130.1.1.1 255.255.255.0
  no ip mroute-cache
  ipx network 68
  no fair-queue
  clockrate 64000
!
interface Serial1
  no ip address
  shutdown
!
interface BRI0
  ip address 150.4.56.2 255.255.255.252
  encapsulation ppp
  dialer map ip 150.4.56.1 name test5 broadcast 4930624
  dialer map ipx 56.0000.0c3d.fc4c name test5 broadcast 4930624
  dialer-group 1
  ipx network 56
  no ipx route-cache
  ipx watchdog-spoof
  ipx spx-spoof
  isdn switch-type basic-dms100
  isdn spid1 81049306220101 4930622
  isdn spid2 81049306230101 4930623
  no cdp enable
  ppp chap password 7 05080F1C2243
  hold-queue 75 in
!
router ospf 1
  redistribute igrp 1 metric 50 subnets route-map permit_igrp
  network 150.4.4.6 0.0.0.0 area 0
  network 150.4.56.2 0.0.0.0 area 4
  area 4 virtual-link 150.4.5.1
  ospf auto-cost reference-bandwidth 1
!
router igrp 1
  redistribute ospf 1 metric 3 1 255 1 1500
  passive-interface BRI0
  network 130.1.0.0
!
ip classless
ip default-network 150.4.0.0
!
access-list 1 permit 130.1.1.0 0.0.0.255
access-list 1 permit 130.1.8.0 0.0.0.255
access-list 1 permit 130.1.80.0 0.0.0.255
access-list 901 deny rip any all any
access-list 901 deny sap any all any
access-list 901 deny any any all any 457
access-list 901 permit any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx list 901
route-map permit_igrp permit 10
  match ip address 1
!
!
!
!
ipx router eigrp 1
  network 1
!
!
ipx router rip
  no network 1

----- Original Message -----
From: John Kaberna <jkaberna@netcginc.com>
To: Simon Baxter <Simon.Baxter@au.logical.com>; K. Radecki
<kradecki@yahoo.com>; <ccielab@groupstudy.com>
Sent: Friday, February 09, 2001 6:39 PM
Subject: Re: chap authentication

> I got it working. These configs are a little different though. In this
> scenario only r5 is allowed to make calls to r6. r6 is not allowed to
> initiate calls to r5. Also, r6 is the only one doing authentication. So
> you will see the ppp auth callin command which allows for one way
> authentication. If anyone sees a problem please let me know asap. See
> attached text files.
>
> John
>
> ----- Original Message -----
> From: Simon Baxter <Simon.Baxter@au.logical.com>
> To: K. Radecki <kradecki@yahoo.com>; <ccielab@groupstudy.com>
> Sent: Friday, February 09, 2001 7:25 PM
> Subject: RE: chap authentication
>
>
> > Umm, nope. Good question.
> >
> > The ppp chap username command works fine but I too haven't got this
> working.
> > The docco's pretty thin on this eh?
> >
> > -----Original Message-----
> > From: K. Radecki [mailto:kradecki@yahoo.com]
> > Sent: Saturday, February 10, 2001 12:13 PM
> > To: ccielab@groupstudy.com
> > Subject: chap authentication
> >
> >
> > Has anyone ever used the ppp chap password ... command
> > successfully? If so, was it in the place of username
> > <name> password <password> command(s)?
> >
> > Thanks.
> >
> >
> >

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:44 GMT-3