02-16-2003 04:20 PM - edited 03-02-2019 05:08 AM
I have a router (IOS 12.1(16)) with an ISDN PRI receiving calls from remote routers. I want my router to send the configured ppp chap hostname during the ppp authentication phase, not its router name.
However, using the configuration below, my router initially sends its router name not the ppp chap configured name. The remote router (IOS) can't handle this and terminates the call.
I use the exact same configuration with a remote Cisco 700 series router (not IOS), and it works, but the following debug shows my router sends its router name first, followed by the ppp chap hostname only after the remote router has responded to the challenge.
Dec 10 08:56:46: %LINK-3-UPDOWN: Interface Serial1/0:1, changed state to up
Dec 10 08:56:46: Se1/0:1 PPP: Treating connection as a callin
Dec 10 08:56:46: Se1/0:1 CHAP: O CHALLENGE id 72 len 31 from "ROUTER1"
Dec 10 08:56:46: Se1/0:1 CHAP: I CHALLENGE id 1 len 24 from "ROUTER2"
Dec 10 08:56:46: Se1/0:1 CHAP: Waiting for peer to authenticate first
Dec 10 08:56:46: Se1/0:1 CHAP: I RESPONSE id 72 len 24 from "ROUTER2"
Dec 10 08:56:46: Se1/0:1 CHAP: O SUCCESS id 72 len 4
Dec 10 08:56:46: Se1/0:1 CHAP: Processing saved Challenge, id 1
Dec 10 08:56:46: %DIALER-6-BIND: Interface Se1/0:1 bound to profile Di12
Dec 10 08:56:46: Se1/0:1 CHAP: Using alternate hostname FDRA
Dec 10 08:56:46: Se1/0:1 CHAP: O RESPONSE id 1 len 25 from "FDRA"
Dec 10 08:56:47: Se1/0:1 CHAP: I SUCCESS id 1 len 32 msg is "chap: User FDRA authorized."
Dec 10 08:56:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0:1, changed state to up
Is it normal for my router to issue its router name first and then use the alternate hostname as shown above.
If this is normal, any reason why a remote IOS router would not complete PPP authentication while a Cisco 700 series does?
Following is the configuration of my router.
hostname ROUTER1
username ROUTER2 password qwerty
interface Serial1/0:15
no ip address
encapsulation ppp
dialer pool-member 1
isdn switch-type primary-net5
ppp authentication chap callin
interface Dialer18
ip address 172.16.248.5 255.255.255.252
encapsulation ppp
dialer pool 1
dialer remote-name ROUTER2
dialer string 0123456789
dialer-group 1
ppp authentication chap
ppp chap hostname R1ALIAS
ppp chap password 0 qwerty
Any assistance or thoughts appreciated.
Regards
02-18-2003 01:58 PM
That is very normal..
The debug that you have shown is not matching with the config. You can see that during ppp negotiation, ROUTER2 name is received from other side but it bound to profile Dialer 12
Dec 10 08:56:46: %DIALER-6-BIND: Interface Se1/0:1 bound to profile Di12
But above call did worked fine as authentication SUCCESS are exchanged.
Now since this router has received the call so the call will be binded to the correct dialer profile based on the remote-name received in challenge. So Initially the receiving router will send hostname as a challenge. But the response to the challenge received will be sent using the correct hostname (modified on the interface using ppp chap hostname command)
Dec 10 08:56:46: Se1/0:1 CHAP: Using alternate hostname FDRA
Dec 10 08:56:46: Se1/0:1 CHAP: O RESPONSE id 1 len 25 from "FDRA"
And the call should work as it worked in above debug. If its not working, the problem is in the remote site router.
02-20-2003 02:43 PM
Thanks,
You were correct.
The problem turned out to be a configuration issue at the remote router. There was no ppp chap password config line.
Once this was installed, ppp authentication succeeded.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide