Figure 5-20 Using Pap Mode For Identity Authentication - Zte ZXR10 2900E series Configuration Manual
Easy-maintenance secure switch
Hide thumbs
Also See for ZXR10 2900E series:
- Command reference manual (692 pages) ,
- Command reference manual (750 pages)
Table of Contents
Advertisement
Chapter 5 Service Configuration
PAP is a simple plain text authentication mode. NAS requires the subscriber to
provide the username and password and the subscriber returns the subscriber
information in the form of plain text. The server checks whether this subscriber
is available and whether the password is correct according to the subscriber
configuration and returns different responses. This authentication mode features
poor security and the username and password transferred may be easily stolen.
For the process of using the PAP mode for identity authentication, see
Figure
5-20.
Figure 5-20 Using PAP Mode for Identity Authentication
l
Challenge Handshake Authentication Protocol (CHAP)
CHAP is an encrypted authentication mode and avoids the transmission of the user's
real password upon connection setup. NAS sends a randomly generated Challenge
string to the user.
The user encrypts the Challenge string by using the user's
password and MD5 algorithm and returns the username and encrypted Challenge
string (encrypted password).
The server uses the user password it stores and the MD5 algorithm to encrypt the
Challenge string. Then it compares this Challenge string with the encrypted password
of the server and returns a response accordingly.
For the process of using the CHAP mode for identity authentication, see
Figure
5-21.
5-73
SJ-20130731155059-002|2013-11-27 (R1.0)
ZTE Proprietary and Confidential
Hide quick links:
Advertisement
Table of Contents
