I am trying to understand the purpose of the "ppp chap password "command in dialer and ISDN interface configurations, i.e., what is the reason and usage of this. Unfortunately, looking into IOS command guides and references did not help me much.
My understanding is, if a router receive a challange, and that hostname/password is not defined locally, chap will use 'ppp chap password ' to generate a hash. Please correct if i'm wrong.
Therefore in this case, if i tried putting this cmd in both routers without username/password defined, ppp should pass the authentication. But its not.
CHAP authentication, on the other hand, periodically verifies the identity of the remote node using a three-way handshake.
After the PPP link is established, the host sends a "challenge" message to the remote node.
Remember the remote node responds with a value calculated using a one-way hash function.
The host checks the response against its own calculation of the expected hash value.
If the values match, the authentication is acknowledged; otherwise, the connection is terminated.
So if you do not have hostname and passwword defined at the remote end it will perform a hash function and that value will not at all match with the sending host generated value so the connection will be terminated.
And that is the reason for CHAP authentication to have a secure authentication for establishing a conenction.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...