Extreme Networks Altitude 4700 Series Product Reference Manual page 139

NOTE
Be aware that the Access Point can (incorrectly) carry over previously configured static IP information
and maintain two connected routes once it gets an IP address from a PPPOE connection.
Enable
Username
Password
PPPoE State
Keep-Alive
Idle Time (seconds) Specify an idle time in seconds to limit how long the
Authentication Type Use the Authentication Type menu to specify the
Altitude 4700 Series Access Point Product Reference Guide
Use the checkbox to enable Point-to-Point over Ethernet
(PPPoE) for a high-speed connection that supports this
protocol. Most DSL providers are currently using or
deploying this protocol.
PPPoE is a data-link protocol for dialup connections.
PPPoE allows a host PC to use a broadband modem
(DSL) for access to high-speed data networks.
Specify a username entered when connecting to the ISP.
When the Internet session begins, the ISP authenticates
the username.
Specify a password entered when connecting to the ISP.
When the Internet session starts, the ISP authenticates the
password.
Displays the current connection state of the PPPoE client.
When a PPPoE connection is established, the status
displays Connected. When no PPPoE connection is active,
the status displays Disconnected.
Select the Keep-Alive checkbox to maintain the WAN
connection indefinitely (no timeout interval). Some ISPs
terminate inactive connections. Enabling Keep-Alive keeps
the access point's WAN connection active, even when
there is no traffic. If the ISP drops the connection after an
idle period, the access point automatically re-establishes
the connection to the ISP. Enabling Keep-Alive mode
disables (grays out) the Idle Time field.
access point's WAN connection remains active after
outbound and inbound traffic is not detected. The Idle
Time field is grayed out if Keep-Alive is enabled.
authentication protocol(s) for the WAN connection. Choices
include None, PAP or CHAP, PAP, or CHAP.
Password Authentication Protocol (PAP) and Challenge
Handshake Authentication Protocol (CHAP) are competing
identify-verification methods.
PAP sends a username and password over a network to a
server that compares the username and password to a
table of authorized users. If the username and password
are matched in the table, server access is authorized.
WatchGuard products do not support the PAP protocol
because the username and password are sent as clear
text that a hacker can read.
CHAP uses secret information and mathematical
algorithms to send a derived numeric value for login. The
login server knows the secret information and performs the
same mathematical operations to derive a numeric value.
If the results match, server access is authorized. After
login, one of the numbers in the mathematical operation is
changed to secure the connection. This prevents any
intruder from trying to copy a valid authentication session
and replaying it later to log in.
139