From: Aaron K. Dixon (aaron.dixon@xxxxxxxxxxxxxxxxxxx)
Date: Fri Apr 20 2001 - 02:28:23 GMT-3
CHAP doesn't send a password, but a hash so both passwords must match. The
reason that your config worked is because the local username is configured
on both routers with matching passwords. The ppp chap hostname will be
used instead of the router name, but the ppp chap password is only used if
the remote hostname isn't found in the local username database. If the
hostname wouldn't of been found in the local username database then the ppp
chap password would of been used and chap authentication would of failed due
to different passwords. With pap you can use different passwords.
Regards,
Aaron K. Dixon
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Ike Luo
Sent: Thursday, April 19, 2001 11:52 PM
To: Arthayuth.B@datacraft-asia.com; rshopkins@earthlink.net
Cc: ccielab@groupstudy.comIf the
Subject: Re: PPP CHAP Question
You can use difference password and username in both pap and chap.
ppp chap hostname xxx
ppp chap password yyy
Ike luo
----- Original Message -----
From: <Arthayuth.B@datacraft-asia.com>
To: <rshopkins@earthlink.net>
Cc: <ccielab@groupstudy.com>
Sent: Friday, April 20, 2001 11:59 AM
Subject: RE: PPP CHAP Question
> for CHAP you need to use same password only pap that support difference
> password.
>
> Arthayuth
> CIP,CCNP,CCDP
>
> -----Original Message-----
> From: Rob Hopkins [mailto:rshopkins@earthlink.net]
> Sent: Friday, April 20, 2001 1:47 PM
> To: ccielab@groupstudy.com
> Subject: PPP CHAP Question
>
>
> I must be missing something here,
> See the config below, which works, my question is why does it work?
Notice
> R1 doesnt even have the
> password "bheadpass" anywhere, in fact if I change bhead pass on R1 to
> bheadpass it doesnt work.
>
> When I debug ppp authentication it (from R2)
>
> %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to
> down
> %LINK-3-UPDOWN: Interface Serial0, changed state to down
> %LINK-3-UPDOWN: Interface Serial0, changed state to up
> Se0 PPP: Treating connection as a dedicated line
> Se0 PPP: Phase is AUTHENTICATING, by both
> Se0 CHAP: Using alternate hostname bhead
> Se0 CHAP: O CHALLENGE id 26 len 26 from "bhead"
> Se0 CHAP: I CHALLENGE id 28 len 27 from "beavis"
> Se0 CHAP: Using alternate hostname bhead
> Se0 CHAP: O RESPONSE id 28 len 26 from "bhead"
> Se0 CHAP: I RESPONSE id 26 len 27 from "beavis"
> Se0 CHAP: O SUCCESS id 26 len 4
> Se0 CHAP: I SUCCESS id 28 len 4
> %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to
up
>
>
>
> R1
>
> username bhead password 0 beavispass
>
> interface Serial0
> ip address 10.1.1.1 255.255.255.252
> encapsulation ppp
> ppp authentication chap
> ppp chap hostname beavis
> ppp chap password 7 15100E0D12233834292026 (beavispass)
> !
>
>
>
>
> R2
> username beavis password 0 beavispass
>
> interface Serial0
> ip address 10.1.1.2 255.255.255.252
> encapsulation ppp
> no fair-queue
> clockrate 1000000
> ppp authentication chap
> ppp chap hostname bhead
> ppp chap password 7 13071F170A08142B3837 (bheadpass)
> !
> **Please read:http://www.groupstudy.com/list/posting.html
> **Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:29:52 GMT-3