cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3620
Views
0
Helpful
6
Replies
Roopak Sethi
Beginner

PPP CHAP Authentication Problem

Hi,

I  am trying to implement PPP chap Authentication on two routers connected  via serial interfaces. I just want to know which router will call which  router and which router will challenge which router.

But according to following link of cisco

http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080094333.shtml

It  is wriiten that If Router 1 Initiates a call to Router 2, Router 2  would challenge Router 1, but Router 1 would not challenge Router 2. This occurs because the PPP authentication chap callin command is configured on Router 1.

So, according to cisco document Router 2 should challenge Router 1. But how in my case Router 1 is challenging Router 2 ???

This is confusing me.. Please help

The configurations are as follows:-

r1---serial link... r2

R1:-

username R2 password 0 12345

interface Serial1/0

ip address 10.10.10.1 255.255.255.252

encapsulation ppp

serial restart-delay 0

no dce-terminal-timing-enable

ppp authentication chap callin

R2:-

username R1 password 0 12345

interface Serial1/0

ip address 10.10.10.2 255.255.255.252

encapsulation ppp

serial restart-delay 0

no dce-terminal-timing-enable

1 ACCEPTED SOLUTION

Accepted Solutions

Hi,

https://learningnetwork.cisco.com/thread/33576

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

6 REPLIES 6
cadet alain
Advisor

Hi,

post your debug output.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

Hi Sir,

Following is the debug output:-

>>>>>R1<<<<<<

R1(config-if)#

*Oct  5 13:12:30.227: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up

R1(config-if)#

*Oct  5 13:13:16.387: Se1/0 PPP: Authorization required

*Oct  5 13:13:16.395: Se1/0 CHAP: O CHALLENGE id 2 len 23 from "R1"

*Oct  5 13:13:16.479: Se1/0 CHAP: I RESPONSE id 2 len 23 from "R2"

*Oct  5 13:13:16.483: Se1/0 PPP: Sent CHAP LOGIN Request

*Oct  5 13:13:16.491: Se1/0 PPP: Received LOGIN Response PASS

*Oct  5 13:13:16.495: Se1/0 PPP: Sent LCP AUTHOR Request

*Oct  5 13:13:16.495: Se1/0 PPP: Sent IPCP AUTHOR Request

*Oct  5 13:13:16.503: Se1/0 LCP: Received AAA AUTHOR Response PASS

*Oct  5 13:13:16.503: Se1/0 IPCP: Received AAA AUTHOR Response PASS

*Oct  5 13:13:16.503: Se1/0 CHAP: O SUCCESS id 2 len 4

*Oct  5 13:13:16.507: Se1/0 PPP: Sent CDPCP AUTHOR Request

R1(config-if)#

*Oct  5 13:13:16.515: Se1/0 CDPCP: Received AAA AUTHOR Response PASS

*Oct  5 13:13:16.543: Se1/0 PPP: Sent IPCP AUTHOR Request

>>>>>R2<<<<<<

R2(config-if)#no shut

R2(config-if)#shut

R2(config-if)#

*Oct  5 13:13:10.595: %LINK-5-CHANGED: Interface Serial1/0, changed state to administratively down

R2(config-if)#

R2(config-if)#

*Oct  5 13:13:10.595: %ENTITY_ALARM-6-INFO: ASSERT INFO Se1/0 Physical Port Administrative State Down

*Oct  5 13:13:11.595: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to down

R2(config-if)#no shut

R2(config-if)#

*Oct  5 13:13:15.631: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up

*Oct  5 13:13:15.631: %ENTITY_ALARM-6-INFO: CLEAR INFO Se1/0 Physical Port Administrative State Down

R2(config-if)#

*Oct  5 13:13:15.635: Se1/0 PPP: Using default call direction

*Oct  5 13:13:15.639: Se1/0 PPP: Treating connection as a dedicated line

*Oct  5 13:13:15.639: Se1/0 PPP: Session handle[D5000002] Session id[2]

*Oct  5 13:13:15.639: Se1/0 PPP: Authorization required

*Oct  5 13:13:15.703: Se1/0 PPP: No authorization without authentication

*Oct  5 13:13:15.735: Se1/0 CHAP: I CHALLENGE id 2 len 23 from "R1"

*Oct  5 13:13:15.739: Se1/0 CHAP: Using hostname from unknown source

*Oct  5 13:13:15.739: Se1/0 CHAP: Using password from AAA

*Oct  5 13:13:15.739: Se1/0 CHAP: O RESPONSE id 2 len 23 from "R2"

*Oct  5 13:13:15.795: Se1/0 CHAP: I SUCCESS id 2 len 4

R2(config-if)#

*Oct  5 13:13:16.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up

Hi,

https://learningnetwork.cisco.com/thread/33576

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

Hi Sir,

It means the router with "PPP authentication chap callin" command  will raise the challenge..

But what about the cisco document ??? Is it wrong.??

Hi,

sometimes Cisco docs have some wrong infos or the info is outdated or not pertaining to some cases or simply badly worded.But I can't say which case this is here.

I think that what counts is the real operation you observe when labbing.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

I got my answer

Thanks Sir...