Table of Contents
Advertisement
encapsulation ppp
Key Word:
U(undo)
D(default)
......
(11)encapsulation
(12)english
......
Please Input the code of command to be excute(0-32): 11
Key Word:
U(undo)
D(default)
(00)frame-relay Frame Relay Protocol
(01)hdlc
(02)ppp
(03)sdlc
(04)x25
Please Input the code of command to be excute(0-4): 2
Will you excute it? (Y/N):y
5.7.4 Enabling CHAP or PAP Authentication
PPP with CHAP or PAP authentication is often used to inform the central site about which remote
routers are connected to it.
CHAP and PAP were originally specified in RFC 1334, and CHAP is updated in RFC 1994. These
protocols are supported on synchronous and asynchronous serial interfaces. When using CHAP or
PAP authentication, each router or access server identifies itself by a name. This identification process
prevents a router from placing another call to a router to which it is already connected, and also
prevents unauthorized access.
Access control using CHAP or PAP is available on all serial interfaces that use PPP encapsulation. The
authentication feature reduces the risk of security violations on your router or access server.
Notes:
To use CHAP or PAP, you must be running PPP encapsulation.
When CHAP is enabled on an interface and a remote device attempts to connect to it, the local router
or access server sends a CHAP packet to the remote device. The CHAP packet requests or
"challenges" the remote device to respond. The challenge packet consists of an ID, a random number,
and the host name of the local router.
The required response has two parts:
♦ An encrypted string of the ID, a secret password, and the random number.
♦ Either the host name of the remote device or the name of the user on the remote device
When the local router or access server receives the response, it verifies the secret password by
performing the same encryption operation as indicated in the response and looking up the required
host name or username. The secret passwords must be identical on the remote device and the local
router.
Because this response is sent, the password is never sent in clear text, preventing other devices from
stealing it and gaining illegal access to the system. Without the proper response, the remote device
cannot connect to the local router.
CHAP transactions occur only when a link is established. The local router or access server does not
request a password during the rest of the call. (The local device can, however, respond to such
requests from other devices during a call.)
When PAP is enabled, the remote router attempting to connect to the local router or access server is
required to send an authentication request. If the username and password specified in the
authentication request are accepted, the D-Link router sends an authentication acknowledgment.
Command
Q(quit)
Set encapsulation type for an interface
help message in English
Q(quit)
HDLC Protocol
PPP Protocol
SDLC Protocol
X.25 Protocol
Model Name
Purpose
Enabling PPP encapsulation.
- 101 -
Hide quick links:
Advertisement
Table of Contents
