Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1933
Views
0
Helpful
1
Replies

CHAP authentication problems on PPPoE / DSL

heidenhain
Level 1
Level 1

‎02-19-2003 08:06 AM - edited ‎03-02-2019 05:12 AM

Hi all,

I am experiencing problems with authenticating at an ISP via CHAP on a PPPoE / DSL line. Everything looks like that just the password is wrong, but I checked a couple of user/password combinations with them and get always access denied. PPP/CHAP debug looks fine - see later.

Could there be other reasons for failing with CHAP than just having a wrong user/ password ?

Does anybody know if there are known problems ?

I have a 826 running 12.2(4)YA3 setup for PPPoE:

-------------------------------------------------------

vpdn enable

!

vpdn-group 1

request-dialin

protocol pppoe

!

interface Ethernet0

ip address 192.168.36.254 255.255.255.0

no ip proxy-arp

ip tcp adjust-mss 1452

no cdp enable

hold-queue 100 out

!

interface ATM0

no ip address

ip tcp adjust-mss 1452

no atm ilmi-keepalive

pvc 0/35

encapsulation aal5snap

pppoe-client dial-pool-number 1

!

dsl operating-mode auto

hold-queue 224 in

interface Dialer1

mtu 1492

ip address negotiated

ip access-group 101 in

ip access-group 102 out

ip inspect internet-out out

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname user@telepac

ppp chap password 7 XXXXXXXX

---------------------------------------------------------------

This is the debug output I get:

---------------------------------------------------------------

*Mar 1 13:08:56: PPPOE: we've got our pado and the pado timer went off

*Mar 1 13:08:56: OUT PADR from PPPoE tunnel

*Mar 1 13:08:56: PPPoE 2573: I PADS L:00b0.c28d.cba2 R:0090.1a10.1091 0/35 AT0

*Mar 1 13:08:56: IN PADS from PPPoE tunnel

*Mar 1 13:08:56: Vi1 PPP: Phase is DOWN, Setup

*Mar 1 13:08:56: %DIALER-6-BIND: Interface Vi1 bound to profile Di1

*Mar 1 13:08:56: PPPoE: Virtual Access interface obtained.

*Mar 1 13:08:56: Vi1 PPP: Treating connection as a callout

*Mar 1 13:08:56: Vi1 PPP: Phase is ESTABLISHING, Active Open

*Mar 1 13:08:56: Vi1 PPP: Authorization NOT required

*Mar 1 13:08:56: Vi1 PPP: No remote authentication for call-out

*Mar 1 13:08:56: Vi1 LCP: O CONFREQ [Closed] id 1 len 14

*Mar 1 13:08:56: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:08:56: Vi1 LCP: MagicNumber 0xB394DD9D (0x0506B394DD9D)

*Mar 1 13:08:56: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

*Mar 1 13:08:56: Vi1 PPP: Treating connection as a callout

*Mar 1 13:08:56: Vi1 LCP: I CONFACK [REQsent] id 1 len 14

*Mar 1 13:08:56: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:08:56: Vi1 LCP: MagicNumber 0xB394DD9D (0x0506B394DD9D)

*Mar 1 13:08:58: Vi1 LCP: TIMEout: State ACKrcvd

*Mar 1 13:08:58: Vi1 LCP: O CONFREQ [ACKrcvd] id 2 len 14

*Mar 1 13:08:58: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:08:58: Vi1 LCP: MagicNumber 0xB394DD9D (0x0506B394DD9D)

*Mar 1 13:08:58: Vi1 LCP: I CONFACK [REQsent] id 2 len 14

*Mar 1 13:08:58: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:08:58: Vi1 LCP: MagicNumber 0xB394DD9D (0x0506B394DD9D)

*Mar 1 13:08:59: Vi1 LCP: I CONFREQ [ACKrcvd] id 103 len 18

*Mar 1 13:08:59: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:09:00: Vi1 LCP: AuthProto PAP (0x0304C023)

*Mar 1 13:09:00: Vi1 LCP: MagicNumber 0x66F686C7 (0x050666F686C7)

*Mar 1 13:09:00: Vi1 LCP: O CONFNAK [ACKrcvd] id 103 len 9

*Mar 1 13:09:00: Vi1 LCP: AuthProto CHAP (0x0305C22305)

*Mar 1 13:09:00: Vi1 LCP: I CONFREQ [ACKrcvd] id 104 len 19

*Mar 1 13:09:00: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:09:00: Vi1 LCP: AuthProto CHAP (0x0305C22305)

*Mar 1 13:09:00: Vi1 LCP: MagicNumber 0x66F686C7 (0x050666F686C7)

*Mar 1 13:09:00: Vi1 LCP: O CONFACK [ACKrcvd] id 104 len 19

*Mar 1 13:09:00: Vi1 LCP: MRU 1492 (0x010405D4)

*Mar 1 13:09:00: Vi1 LCP: AuthProto CHAP (0x0305C22305)

*Mar 1 13:09:00: Vi1 LCP: MagicNumber 0x66F686C7 (0x050666F686C7)

*Mar 1 13:09:00: Vi1 LCP: State is Open

*Mar 1 13:09:00: Vi1 PPP: Phase is AUTHENTICATING, by the peer

*Mar 1 13:09:00: Vi1 CHAP: I CHALLENGE id 8 len 31 from "dvs-br1"

*Mar 1 13:09:48: Vi1 PPP: Sent CHAP SENDAUTH Request to AAA

*Mar 1 13:09:48: Vi1 PPP: Received SENDAUTH Response from AAA = FAIL

*Mar 1 13:09:00: Vi1 CHAP: O RESPONSE id 8 len 37 from "user@telepac"

***** Here it is:

*Mar 1 13:09:00: Vi1 CHAP: I FAILURE id 8 len 49 msg is "username ou Palavra de acesso incorrecta [()]"

*Mar 1 13:09:00: Vi1 LCP: I TERMREQ [Open] id 105 len 4

*Mar 1 13:09:00: Vi1 LCP: O TERMACK [Open] id 105 len 4

*Mar 1 13:09:00: PPPoE 2573: I PADT L:00b0.c28d.cba2 R:0090.1a10.1091 0/35 AT0

*Mar 1 13:09:00: PPPoE : Shutting down client session

*Mar 1 13:09:00: PPPoE 2573: O PADT L:00b0.c28d.cba2 R:0090.1a10.1091 0/35 AT0

*Mar 1 13:09:00: %DIALER-6-UNBIND: Interface Vi1 unbound from profile Di1

*Mar 1 13:09:00: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down

*Mar 1 13:09:00: Vi1 LCP: State is Closed

*Mar 1 13:09:00: Vi1 PPP: Phase is DOWN

Any ideas ?

Thanks

Markus

Labels:
0 Helpful
1 Reply 1

tepatel
Cisco Employee
Cisco Employee

‎02-19-2003 09:20 AM

There are no known issues like that. It is strictly a authentication issue. ISP is sending authentication failure for user. So ask the ISP for correct username and password combination.

0 Helpful
Customers Also Viewed These Support Documents