Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1079
Views
0
Helpful
2
Replies

PPP Authentication CHAP

Go to solution
vishal-patil
Level 1
Level 1

‎01-11-2016 10:25 AM - edited ‎03-05-2019 03:06 AM

Hi,

recently I have been configuring chap authentication on two routers (ospf configured for routing)

I enabled both the interfaces with ppp encapsulation (also defined username and password for chap on two routers). When I enter the command ppp authentication chap on one of the routers' interface, it actually formed neighborship with other router. Don't I have to enter the same command on neighboring router interface?

Regards,

Vish

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎01-11-2016 03:51 PM

Hi Vishal,

Don't I have to enter the same command on neighboring router interface?

No, it is not required for the CHAP to function. The result of the ppp authentication chap command is that this router will require its peer to authenticate using CHAP. If one of your routers had this command configured while the other did not, a one-way CHAP authentication took place. If you had both routers configured with this command, then two independent CHAP authentications would take place where each router would authenticate itself to the other router.

Keep in mind that the ppp authentication chap command causes this router to ask its peer to authenticate itself using CHAP. It does not say anything about this router authenticating to the peer - that direction of authentication is governed by the configuration of the peer.

Feel welcome to ask further!

Best regards,
Peter

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Peter Paluch
Cisco Employee
Cisco Employee

‎01-11-2016 03:51 PM

Hi Vishal,

Don't I have to enter the same command on neighboring router interface?

No, it is not required for the CHAP to function. The result of the ppp authentication chap command is that this router will require its peer to authenticate using CHAP. If one of your routers had this command configured while the other did not, a one-way CHAP authentication took place. If you had both routers configured with this command, then two independent CHAP authentications would take place where each router would authenticate itself to the other router.

Keep in mind that the ppp authentication chap command causes this router to ask its peer to authenticate itself using CHAP. It does not say anything about this router authenticating to the peer - that direction of authentication is governed by the configuration of the peer.

Feel welcome to ask further!

Best regards,
Peter

0 Helpful

Go to solution
vishal-patil
Level 1
Level 1
In response to Peter Paluch

‎01-12-2016 01:37 PM

Hi Peter,

The explanation you gave makes sense. Thank you for now.

Will ask you if I have any further questions.

0 Helpful
Customers Also Viewed These Support Documents