RE: ppp authentication chap callin

From: Denise Donohue (fradendon@xxxxxxxxxxx)
Date: Mon May 20 2002 - 15:24:08 GMT-3

• Next message: Bezverkhi, Serguei: "FW: RIP NLSP and SAP filtering"
• Previous message: R. Benjamin Kessler: "RE: can portfast run on a trunk port?"
• Maybe in reply to: Charles Carley: "ppp authentication chap callin"
• Next in thread: p729@xxxxxxx: "Re: RE: ppp authentication chap callin"
• Maybe reply: p729@xxxxxxx: "Re: RE: ppp authentication chap callin"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Actually, you don't need to specify authentication on the router you don't
want issuing the challenge. Just make sure you have the username/password
configured.

P1-2520#sh run int bri0
Building configuration...

Current configuration:
!
interface BRI0
 ip address 192.168.1.161 255.255.255.0
 no ip directed-broadcast
 encapsulation ppp
 no ip mroute-cache
 dialer idle-timeout 30
 dialer map ip 192.168.1.162 name core-ro 5551101
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 21255512110101 5551211
 isdn spid2 21255512120101 5551212
end

P1-2520#ping 192.168.1.162

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.162, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 32/34/36 ms
P1-2520#
00:08:54: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
00:08:54: BR0:1 PPP: Treating connection as a callout
00:08:54: BR0:1 PPP: Phase is AUTHENTICATING, by the peer
00:08:54: BR0:1 CHAP: I CHALLENGE id 2 len 28 from "core-ro"
00:08:54: BR0:1 CHAP: O RESPONSE id 2 len 28 from "P1-2520"
00:08:54: BR0:1 CHAP: I SUCCESS id 2 len 4
00:08:55: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
state
to up

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
MICHAEL J. KILPATRICK
Sent: Sunday, May 19, 2002 9:26 PM
To: ccarley@columbus.rr.com; ccielab@groupstudy.com
Subject: Re: ppp authentication chap callin

Use the CALLIN option on the called router to allow one-way authentication.
If the called router does not have the CALLIN option, the called router will
attempt to authenticate back to the calling router (ie. 2-way
authentication). Play with it with deb ppp neg and deb ppp auth.

Mike

>>> "Charles Carley" <ccarley@columbus.rr.com> 05/19/02 11:28 AM >>>
I am having trouble understanding the ppp chap authentication callin command
from what I am finding in the archives. I understand what the command does,
I am just not clear on how to implement it. Does someone have the relevant
configurations from a working scenario they could share? Thank you.

Charles

• Next message: Bezverkhi, Serguei: "FW: RIP NLSP and SAP filtering"
• Previous message: R. Benjamin Kessler: "RE: can portfast run on a trunk port?"
• Maybe in reply to: Charles Carley: "ppp authentication chap callin"
• Next in thread: p729@xxxxxxx: "Re: RE: ppp authentication chap callin"
• Maybe reply: p729@xxxxxxx: "Re: RE: ppp authentication chap callin"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:59:02 GMT-3