02-20-2009 05:21 AM - edited 03-04-2019 03:39 AM
Greetings,
I currently have 2 876 routers with ISDN as a backup.
When i passed CCNA back in 2003 i read that for chap authentication one needs to configure chap username and password of the peer router and then define dialer string in dialer interface.
However these routers have a different setup and at the dialer interface they use the command 'ppp authentication chap pap callin'. I read that this is a new way of defining a commom username/password of the router with the difference that you basically define your router's credentials and not your peers. For example for router 1 you define his own credentials and not his peer's (router2).
Now the problem is that these routers have been setup with SDM and a 'dialer string' has been configured. I am asked to reconfigure them because of a 3rd router existance so i need to define 'dialer map' commands.
So, if anyone knows please reply on the following:
1. Is 'dialer map' command compatible with 'ppp authentication chap pap callin' setup?
2. Has 'dialer map' command been substituted with another command?
3. Do i need to configure anything else except from the dialer?
FYI i also submit the sh startup config for ISDN
interface Dialer0
ip address 192.168.3.1 255.255.255.0
encapsulation ppp
dialer pool 1
dialer string xxxxx
dialer load-threshold 128 outbound
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname rout1
ppp chap password xxxxxxxx
ppp multilink
Many thanks in advance
regards,
themis
02-20-2009 05:37 AM
Hello Themis,
remove the dialer string and add two dialer map commands one for each spoke router.
also for the authentication should work better with the old style:
two username commands in global config one for each spoke router.
the command
ppp authentication chap callin
should use CHAP but not in a bidirectional way here callin should the calling party only that has to be authenticated.
with normal commands CHAP authentication is bidirectional: each router challenges the other one.
This should be the difference provided by the option callin
Hope to help
Giuseppe
02-20-2009 05:55 AM
greetings giuseppe and thanks for your really quick reply!
So what you are saying is that i should define in global config mode the other 2 peers, leave the chap callin command in dialer and replace dialer string with dialer map info. Correct?
Also, something else. At the BRI int i see the following
interface BRI0
no ip address
ip mask-reply
no ip redirects
no ip proxy-arp
encapsulation ppp
ip route-cache flow
dialer pool-member 1
isdn switch-type basic-net3
isdn point-to-point-setup
ppp multilink
What is that line 'isdn point-to-point-setup' for?
again many thanks,
themis
02-20-2009 06:06 AM
Hello Themis,
your understanding is correct
I personally never used that command
here is the command reference
http://www.cisco.com/en/US/docs/ios/dial/command/reference/dia_i2.html#wp1013211
I think you should remove it even if the notes say it is effective if
This command only applies if a static TEI has been activated with the isdn static-tei
Hope to help
Giuseppe
02-20-2009 06:21 AM
ok,
many thanks for your time. :)
themis
02-27-2009 03:37 AM
greetings again,
I am facing a serious issue. I try to configure dialer map from interface dialer0 and the router doesnt support it, i.e. it doesnt have it as a command.
I can only configure them through bri interface but since i am using dialer profile i know that this is not correct.
Any suggestions? If i configure them in bri int will it work?
many thanks,
themis
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: