HP MSR series Command Reference Manual page 19
Layer 2 wan
Hide thumbs
Also See for MSR series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
ms-chap: Uses MS-CHAP authentication.
ms-chap-v2: Uses MS-CHAP-V2 authentication.
pap: Uses PAP authentication.
call-in: Authenticates the call-in users only.
domain isp-name: Specifies the domain name for authentication, a case-insensitive string of 1 to 24
characters.
Usage guidelines
If you run the ppp authentication-mode command with the domain keyword specified, you must
configure an address pool in the corresponding domain. You can use the display domain command to
display the domain configuration.
If you configure the ppp authentication-mode command without specifying the domain name, the system
checks the username for domain information. If the username contains a domain name, the domain will
be used for authentication If the domain does not exist, the user's access request will be denied. If the
username does not contain a domain name, the default domain is used. You can use the domain default
command to configure the default domain. If no default domain is configured, the default domain system
is used by default.
PPP authentication includes the following categories:
PAP—Two-way handshake authentication. The password used is in plain text.
•
CHAP—Three-way handshake authentication. The password is in cipher text.
•
MS-CHAP—Three-way handshake authentication. The password is in cipher text.
•
•
MS-CHAP-V2—Three-way handshake authentication. The password is in cipher text.
You can configure several authentication modes simultaneously.
In any PPP authentication mode, AAA determines whether a user can pass the authentication through a
local authentication database or an AAA server. For more information about AAA, see Security
Configuration Guide.
For authentication on a dial-up interface, configure authentication on both the physical interface and the
dialer interface. When a physical interface receives a DCC call request, it first initiates PPP negotiation
and authenticates the dial-in user, and then passes the call to the upper layer protocol.
Examples
# Configure interface Serial 2/0 to authenticate the peer device by using PAP.
<Sysname> system-view
[Sysname] interface serial 2/0
[Sysname-Serial2/0] ppp authentication-mode pap domain system
# Configure interface Serial 2/0 to authenticate the peer device by using PAP, CHAP, and MS-CHAP.
<Sysname> system-view
[Sysname] interface serial 2/0
[Sysname-Serial2/0] ppp authentication-mode pap chap ms-chap domain system
Related commands
ppp chap user
•
ppp pap local-user
•
ppp chap password
•
local-user (Security Command Reference)
•
7
Advertisement
Table of Contents
