Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Bronze

ppp and chap

Hi every body!

My book says " with chap the protocol begins with a message called a challenge which asks the other router to send its user name and password. The chap challenge states the random number both routers are pre-configured with the password.The challenged router runs the hash algorithm using the just-learned random number and the secret password and sends the result back to the router that sent the challenge"

My question is when router sends the challenge response does it also include the user name?

The book shows a command " ppp authentication chap pap",

MY book says it tells the router try first chap if no message is received then try pap.

I am just wondering how about" ppp authentication pap chap", will router try pap first if no message is received then try chap ?

Thanks a lot!

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: ppp and chap

Hello Sarah,

>> My question is when router sends the challenge response does it also include the user name?

yes, because the local router needs to be able to distinguish between multiple possible peers (this is possible on ISDN)

see

http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4130.shtml#8

from the document above:

BR0:1 CHAP: O CHALLENGE id 9 len 33 from "maui-soho-03"

or

BR0:1 CHAP: O RESPONSE id 16 len 33 from "maui-soho-03"

O means output I input in deb ppp neg output.

2) ppp authentication pap chap", will router try pap first if no message is received then try chap ?

yes it should be so the list should be an ordered list of authentication methods

Hope to help

Giuseppe

1 REPLY
Hall of Fame Super Silver

Re: ppp and chap

Hello Sarah,

>> My question is when router sends the challenge response does it also include the user name?

yes, because the local router needs to be able to distinguish between multiple possible peers (this is possible on ISDN)

see

http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4130.shtml#8

from the document above:

BR0:1 CHAP: O CHALLENGE id 9 len 33 from "maui-soho-03"

or

BR0:1 CHAP: O RESPONSE id 16 len 33 from "maui-soho-03"

O means output I input in deb ppp neg output.

2) ppp authentication pap chap", will router try pap first if no message is received then try chap ?

yes it should be so the list should be an ordered list of authentication methods

Hope to help

Giuseppe

220
Views
0
Helpful
1
Replies