Configure serial interface with encapsulation PPP and CHAP authentication

Configure serial interface with encapsulation PPP and CHAP authentication

- in CCNA
7584
0

PPP is a standard protocol used to send data over synchronous serial links. PPP also provides a Link Control Protocol (LCP) for negotiating the properties of the link. LCP uses echo requests and responses to monitor the continuing availability of the link.

PPP supports CHAP, MS-CHAP, and PAP authentication protocols, which require a remote device to prove its identity before allowing data traffic to flow over a connection.

Challenge Handshake Authentication Protocol (CHAP)—CHAP authentication sends a challenge message to the remote device. The remote device encrypts the challenge value with a shared secret and returns the encrypted value and its name to the local router in a response message. The local router attempts to match the remote device’s name with an associated secret stored in the local username or remote security server database; it uses the stored secret to encrypt the original challenge and verify that the encrypted values match.

Configure PPP encapsulation with CHAP authentication:

Step 1.- Configure username for remote router

Router(config)# username <username> password <password>

This is the username and password used by the local router to authenticate the PPP peer.

Step 2.- Specifies the serial interface and enters interface configuration mode.

Router(config)# interface serial wic/slot/port

Step 3.- Configures synchronous serial encapsulation.

Router(config-if)# encapsulation { hdlc | frame-relay | ppp }

Step 4 .- Configure authentication CHAP

Router(config-if)# ppp authentication chap

Verification commands:

show interface serial wic/slot/port
show controllers serial wic/slot/port
show interface ip brief

Verification commands:

debug ppp authentication

Example:

Config R1:

R1(config)#username R2 password Hi-Im-R2
R1(config)#interface serial 0/2/0
R1(config-if)#clock rate 64000
R1(config-if)#ip address 10.1.1.1 255.255.255.252
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication chap
R1(config-if)#no shut
R1(config-if)#exit

Config R2:

R2(config)#username R1 password Hi-Im-R1
R2(config)#interface serial 0/1/1
R2(config-if)#ip address 10.1.1.2 255.255.255.252
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap
R2(config-if)#no shut

%LINK-5-CHANGED: Interface Serial0/1/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/1, changed state to up

R2(config-if)#exit

Validation:

R1#show interfaces serial 0/2/0
Serial0/2/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 10.1.1.1/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP

R1#show controllers serial 0/2/0
Interface Serial0/2/0
Hardware is PowerQUICC MPC860
DCE V.35, clock rate 64000
idb at 0x81081AC4, driver data structure at 0x81084AC0
SCC Registers:
General [GSMR]=0x2:0x00000000, Protocol-specific [PSMR]=0x8
Events [SCCE]=0x0000, Mask [SCCM]=0x0000, Status [SCCS]=0x00

Reference:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/interface/configuration/15-mt/ir-15-mt-book/ir-cfg-ser-if.html

Facebook Comments

You may also like

How-to Install SSH Server on Linux 

1.- Install with apt-get command on Ubuntu: sudo