PPP DESIGN USING CHAP
AUTHENTICATION
PPP Overview
PPP Point to Point Protocol is a Layer 2 WAN Protocol. For data transmission between any two nodes or routers, a data path must be established, and flow control procedures must be in place to ensure deliver of data. Point-to-Point Protocol is a data link protocol and its basic purpose is to transport layer-3 packets across a Data Link layer point-to-point network. It is the most widely used and most popular WAN protocol because it offers control of data link set-up, dynamic assignment of IP addresses, network protocol multiplexing, link testing, link configuration, error detection and negotiation options for network-layer address and data compression.
PPP uses two authentication protocols PAP and CHAP. CHAP is the preferred protocol, because CHAP uses 3-way handshake; whereas, PAP uses 2-way handshake.
PAP is less secure than CHAP, passwords are sent in clear text and PAP is only performed upon the initial link set-up. PAP uses a two-way handshake to establish identity.
ROUTER CONFIGURATION
- Authentication between Data Center Router, Service Center and Shaw Butte Routers
- Hostname of Data Center Router: DataCenter
- Hostname of Service Center Router: ServiceCenter
- Hostname of Shaw Butte Router: ShawButte
- all three routers need to authenticate each other
The CHAP configuration for Service Center Router:
A similar configuration should be implemented for the
interfaces that range from serial 1 to serial 7, and also for the
Shaw Butte Router.
Thanks & Regards
Vijay Vishwakarma
PPP Overview
PPP Point to Point Protocol is a Layer 2 WAN Protocol. For data transmission between any two nodes or routers, a data path must be established, and flow control procedures must be in place to ensure deliver of data. Point-to-Point Protocol is a data link protocol and its basic purpose is to transport layer-3 packets across a Data Link layer point-to-point network. It is the most widely used and most popular WAN protocol because it offers control of data link set-up, dynamic assignment of IP addresses, network protocol multiplexing, link testing, link configuration, error detection and negotiation options for network-layer address and data compression.
PPP Components
PPP addresses the problems of Internet connectivity by employing three main components:- A method for encapsulating datagrams over serial links. PPP uses High-Level Data Link Control (HDLC) as a basis for encapsulating datagrams over point-to-point links.
- Link Control Protocol (LCP) for setting up, configuring and testing the data link connection.
- PPP uses Network Control Protocol (NCP) for establishing and configuring different network-layer protocols. PPP is designed to allow the simultaneous use of multiple network-layer protocols (e.g., IP, IPX, Appletalk, ..., etc.)
PPP uses two authentication protocols PAP and CHAP. CHAP is the preferred protocol, because CHAP uses 3-way handshake; whereas, PAP uses 2-way handshake.
PAP is less secure than CHAP, passwords are sent in clear text and PAP is only performed upon the initial link set-up. PAP uses a two-way handshake to establish identity.
ROUTER CONFIGURATION
- Authentication between Data Center Router, Service Center and Shaw Butte Routers
- Hostname of Data Center Router: DataCenter
- Hostname of Service Center Router: ServiceCenter
- Hostname of Shaw Butte Router: ShawButte
- all three routers need to authenticate each other
| DataCenter#
configure terminalDataCenter(config)#
enable password cisco DataCenter(config)# enable secret class DataCenter(config)# username ServiceCenter password cisco DataCenter(config)# username ShawButte password cisco DataCenter(config)# line console 0 DataCenter(config-line)# login DataCenter(config-line)# password cisco DataCenter(config-line)# exit DataCenter(config)# line vty 0 4 DataCenter(config-line)# login DataCenter(config-line)# password cisco DataCenter(config-line)# exit DataCenter(config)#interface serial 1 DataCenter(config-if)# ip address 150.150.96.1 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 2 DataCenter(config-if)# ip address 150.150.96.3 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 3 DataCenter(config-if)# ip address 150.150.96.5 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 4 DataCenter(config-if)# ip address 150.150.96.7 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 5 DataCenter(config-if)# ip address 150.150.64.1 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 6 DataCenter(config-if)# ip address 150.150.64.3 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 7 DataCenter(config-if)# ip address 150.150.64.5 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config)#interface serial 8 DataCenter(config-if)# ip address 150.150.64.7 255.255.224.0 DataCenter(config-if)# encapsulation ppp DataCenter(config-if)# ppp authentication chap DataCenter(config-if)# no shutdown DataCenter(config-if)# exit DataCenter(config)# exit DataCenter# |
| ServiceCenter#
configure terminal ServiceCenter(config)# enable password cisco ServiceCenter(config)# enable secret classServiceCenter(config)# username DataCenter password cisco ServiceCenter(config)# username ShawButte password cisco ServiceCenter(config)# line console 0 ServiceCenter(config-line)# login ServiceCenter(config-line)# password cisco ServiceCenter(config-line)# exit ServiceCenter(config)# line vty 0 4 ServiceCenter(config-line)# login ServiceCenter(config-line)# password cisco ServiceCenter(config-line)# exit ServiceCenter(config)# interface serial 0 ServiceCenter(config-if)# ip address 150.150.96.2 255.255.224.0 ServiceCenter(config-if)# encapsulation ppp ServiceCenter(config-if)# ppp authentication chap ServiceCenter(config-if)# no shutdown ServiceCenter(config-if)# exit ServiceCenter(config)# exit ServiceCenter# |
Thanks & Regards
Vijay Vishwakarma
No comments:
Post a Comment