10-04-2012 11:46 PM - edited 03-04-2019 05:45 PM
Hi,
I am trying to implement PPP chap Authentication on two routers connected via serial interfaces. I just want to know which router will call which router and which router will challenge which router.
But according to following link of cisco
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configuration_example09186a0080094333.shtml
It is wriiten that If Router 1 Initiates a call to Router 2, Router 2 would challenge Router 1, but Router 1 would not challenge Router 2. This occurs because the PPP authentication chap callin command is configured on Router 1.
So, according to cisco document Router 2 should challenge Router 1. But how in my case Router 1 is challenging Router 2 ???
This is confusing me.. Please help
The configurations are as follows:-
r1---serial link... r2
R1:-
username R2 password 0 12345
interface Serial1/0
ip address 10.10.10.1 255.255.255.252
encapsulation ppp
serial restart-delay 0
no dce-terminal-timing-enable
ppp authentication chap callin
R2:-
username R1 password 0 12345
interface Serial1/0
ip address 10.10.10.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
no dce-terminal-timing-enable
Solved! Go to Solution.
10-05-2012 01:00 AM
Hi,
https://learningnetwork.cisco.com/thread/33576
Regards.
Alain
Don't forget to rate helpful posts.
10-05-2012 12:28 AM
Hi,
post your debug output.
Regards.
Alain
Don't forget to rate helpful posts.
10-05-2012 12:46 AM
Hi Sir,
Following is the debug output:-
>>>>>R1<<<<<<
R1(config-if)#
*Oct 5 13:12:30.227: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
R1(config-if)#
*Oct 5 13:13:16.387: Se1/0 PPP: Authorization required
*Oct 5 13:13:16.395: Se1/0 CHAP: O CHALLENGE id 2 len 23 from "R1"
*Oct 5 13:13:16.479: Se1/0 CHAP: I RESPONSE id 2 len 23 from "R2"
*Oct 5 13:13:16.483: Se1/0 PPP: Sent CHAP LOGIN Request
*Oct 5 13:13:16.491: Se1/0 PPP: Received LOGIN Response PASS
*Oct 5 13:13:16.495: Se1/0 PPP: Sent LCP AUTHOR Request
*Oct 5 13:13:16.495: Se1/0 PPP: Sent IPCP AUTHOR Request
*Oct 5 13:13:16.503: Se1/0 LCP: Received AAA AUTHOR Response PASS
*Oct 5 13:13:16.503: Se1/0 IPCP: Received AAA AUTHOR Response PASS
*Oct 5 13:13:16.503: Se1/0 CHAP: O SUCCESS id 2 len 4
*Oct 5 13:13:16.507: Se1/0 PPP: Sent CDPCP AUTHOR Request
R1(config-if)#
*Oct 5 13:13:16.515: Se1/0 CDPCP: Received AAA AUTHOR Response PASS
*Oct 5 13:13:16.543: Se1/0 PPP: Sent IPCP AUTHOR Request
>>>>>R2<<<<<<
R2(config-if)#no shut
R2(config-if)#shut
R2(config-if)#
*Oct 5 13:13:10.595: %LINK-5-CHANGED: Interface Serial1/0, changed state to administratively down
R2(config-if)#
R2(config-if)#
*Oct 5 13:13:10.595: %ENTITY_ALARM-6-INFO: ASSERT INFO Se1/0 Physical Port Administrative State Down
*Oct 5 13:13:11.595: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to down
R2(config-if)#no shut
R2(config-if)#
*Oct 5 13:13:15.631: %LINK-3-UPDOWN: Interface Serial1/0, changed state to up
*Oct 5 13:13:15.631: %ENTITY_ALARM-6-INFO: CLEAR INFO Se1/0 Physical Port Administrative State Down
R2(config-if)#
*Oct 5 13:13:15.635: Se1/0 PPP: Using default call direction
*Oct 5 13:13:15.639: Se1/0 PPP: Treating connection as a dedicated line
*Oct 5 13:13:15.639: Se1/0 PPP: Session handle[D5000002] Session id[2]
*Oct 5 13:13:15.639: Se1/0 PPP: Authorization required
*Oct 5 13:13:15.703: Se1/0 PPP: No authorization without authentication
*Oct 5 13:13:15.735: Se1/0 CHAP: I CHALLENGE id 2 len 23 from "R1"
*Oct 5 13:13:15.739: Se1/0 CHAP: Using hostname from unknown source
*Oct 5 13:13:15.739: Se1/0 CHAP: Using password from AAA
*Oct 5 13:13:15.739: Se1/0 CHAP: O RESPONSE id 2 len 23 from "R2"
*Oct 5 13:13:15.795: Se1/0 CHAP: I SUCCESS id 2 len 4
R2(config-if)#
*Oct 5 13:13:16.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/0, changed state to up
10-05-2012 01:00 AM
Hi,
https://learningnetwork.cisco.com/thread/33576
Regards.
Alain
Don't forget to rate helpful posts.
10-05-2012 01:12 AM
Hi Sir,
It means the router with "PPP authentication chap callin" command will raise the challenge..
But what about the cisco document ??? Is it wrong.??
10-05-2012 01:16 AM
Hi,
sometimes Cisco docs have some wrong infos or the info is outdated or not pertaining to some cases or simply badly worded.But I can't say which case this is here.
I think that what counts is the real operation you observe when labbing.
Regards.
Alain
Don't forget to rate helpful posts.
10-05-2012 01:20 AM
I got my answer
Thanks Sir...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide