Why can't I use remote router's name for CHAP authentication - ISDN

cjdoidge · ‎09-01-2005

Hello there,

I've got a problem: we have sent ISDN router to client, but now it looks like we can't connect to it, it says :

18w3d: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 0555555555

*Jul 7 07:55:13.735: BR0:1 PPP: Treating connection as a callout

*Jul 7 07:55:13.735: ISDN BR0: Event: Connected to 0555555555 on B1 at 64 Kb/s

*Jul 7 07:55:13.739: ISDN BR0: TX -> CONNECT_ACK pd = 8 callref = 0x52

*Jul 7 07:55:13.810: BR0:1 PPP: Phase is AUTHENTICATING, by the peer

*Jul 7 07:55:14.012: BR0:1 CHAP: I CHALLENGE id 134 len 32 from "router1"

*Jul 7 07:55:14.016: BR0:1 CHAP: Ignoring Challenge with local name

18w3d: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 0555555555

*Jul 7 07:55:23.845: BR0:1 CHAP: I CHALLENGE id 135 len 32 from "router1"

*Jul 7 07:55:23.849: BR0:1 CHAP: Ignoring Challenge with local name

*Jul 7 07:55:33.860: BR0:1 CHAP: I CHALLENGE id 136 len 32 from "router1"

*Jul 7 07:55:33.864: BR0:1 CHAP: Ignoring Challenge with local name

*Jul 7 07:55:43.876: BR0:1 CHAP: I CHALLENGE id 137 len 32 from "router1"

*Jul 7 07:55:43.880: BR0:1 CHAP: Ignoring Challenge with local name

*Jul 7 07:55:53.895: BR0:1 CHAP: I CHALLENGE id 138 len 32 from "router1"

why does it not allow connection with hostname as router's one ? What else can I do to connect to it remotely ?

Thanks,

Alex

zahmed · ‎09-01-2005

Hi Alex,

Can I get to see the two configs? Please remove IP addresses and passwords if thats OK with you.

Also it would be good to get "debug ppp nego" and "debug ppp authen" from both ends.

Thanx and Regards,

~Zulfiqar

Georg Pauwen · ‎09-01-2005

Hello Alex,

it looks like your remote router, router1, has the same name as your local router. Can you check that ?

Regards,

GP

cjdoidge · ‎09-02-2005

Hello guys,

thanks for all yor replyes. Here are 2 attachments with configurations - called and calling. "Calling" contains only parts of configuration responsible for calling to the other router. Please have a look

Routers hostnames are different.

Thanks again.

Alex

Kevin Dorrell · ‎09-02-2005

The problem is in the line ppp chap hostname pridrisdn01 in the calling router, against the line hostname pridrisdn01 in the called router. The command ppp chap hostname says "tell the other guy that I am pridrisdn01". In other words, it defines my name, not his.

I think you need dialer remote name pridrisdn01 instead, and let the calling router use its own hostname "dunisdn2".

Kevin Dorrell

Luxembourg

cjdoidge · ‎09-02-2005

Thanks for that, I understand that but the problem is that this router is away and the only entry in its local database is for that pridrisdn01 name, e.g.

username pridrisdn01 password 0 xxxxxxxx

So, if i use dunisdn2 - it doesn't know where to check it against. I really need this remote access ...

Kevin Dorrell · ‎09-02-2005

OK, I understand the problem, and I think I can propose a procedure that will yield a solution. But first I need to know:

1. Which of the routers do you have access to locally, and do you know all the configured passwords?

2. On the remote router (the one you do not have physical access to), is it configured in such a way that once you do get the call up and running, you can configure it via telnet?

3. Do you know the ISDN dialer string to dial from your normally-called to your normally-calling?

Kevin Dorrell

Luxembourg

cjdoidge · ‎09-05-2005

Hello there,

here are answers:

1. dunisdn2 (calling) is accessible, pridrisdn01 (called) is not physically accessible

2. I should be able to connect to the called one via telnet if I'm through the authentication.

3. Its one-way only I'm afraid, the "called" router cannot dial, only accept incoming calls. However in theory, the "calling" one can be set up to accept calls - it is not a problem, lines are available.

Thanks.

Alex