WHAT'S HOT
PARTS:
Part 20
Part 21
Part 22
Part 23
Part 24
Part 25
Part 26
Part 27
Prev | Current Page 469 | Next

Stephen McQuerry

"Interconnecting Cisco Network Devices, Part 2 (ICND2): (CCNA Exam 640-802 and ICND exam 640-816) (3rd Edition)"

0.1.1 255.255.255.0
encapsulation ppp
ppp authentication chap
hostname RouterY
username RouterX password sameone
!
int serial 0
ip address 10.0.1.2 255.255.255.0
encapsulation ppp
ppp authentication chap
Establishing a Point-to-Point WAN Connection with PPP 323
Example: Verifying PPP Authentication
Example 8-2 illustrates the router output that occurs during CHAP authentication. Because
two-way authentication is con?¬?gured, that is, each router authenticates the other, messages
appear that re?¬‚ect both the authenticating process and the process of being authenticated.
Use the debug ppp authentication command to display the exchange sequence as it occurs.
To determine whether the router is performing one-way or two-way CHAP authentication,
look for the following message in the debug ppp authentication output, which indicates
that the routers are performing two-way authentication:
Se0 PPP: Phase is AUTHENTICATING, by both
Either one of the following messages indicates that the routers are performing one-way
authentication:
Se0 PPP: Phase is AUTHENTICATING, by the peer
Se0 PPP: Phase is AUTHENTICATING, by this end
The following output highlights output for a two-way PAP authentication:
! Two way authentication:
Se0 PPP: Phase is AUTHENTICATING, by both
! Outgoing authentication request:
Se0 PAP: O AUTH-REQ id 4 len 18 from ???RouterX???
! Incoming authentication request:
Se0 PAP: I AUTH-REQ id 1 len 18 from ???RouterY???
! Authenticating incoming:
Se0 PAP: Authenticating peer RouterY
! Outgoing acknowledgement:
Se0 PAP: O AUTH-ACK id 1 len 5
! Incoming acknowledgement:
Se0 PAP: I AUTH-ACK id 4 len 5
0 output buffer failures, 0 output buffers swapped out
482 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Example 8-2 Verifying Authentication with the debug ppp authentication Command
RouterX# ddeebbuugg pppppp aauutthheennttiiccaattiioonn
4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up
4d20h: Se0 PPP: Treating connection as a dedicated line
4d20h: Se0 PPP: Phase is AUTHENTICATING, by both
4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from ???left???
4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from ???right???
4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from ???left???
4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from ???right???
4d20h: Se0 CHAP: O SUCCESS id 2 len 4
4d20h: Se0 CHAP: I SUCCESS id 3 len 4
4d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed
Example 8-1 Verifying PPP Encapsulation with the show interface Command (Continued)
324 Chapter 8: Extending the Network into the WAN
To determine whether the router is performing CHAP or PAP authentication, look for the
following lines in the debug ppp authentication command output:
?–  Look for CHAP in the AUTHENTICATING phase, as shown in this example:
*Mar 7 21:16:29.


Pages:
457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481
Sons and Lovers (page 2) The Yeoman Adventurer (page 233) The Garden of Allah (page 733)