Configuring ppp, Overview, Pap authentication – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 102: Chap authentication
92
Configuring PPP
Overview
The Point-to-Point Protocol (PPP) is a link layer protocol that carries network layer packets over
point-to-point links. It gains popularity because it provides user authentication, supports
synchronous/asynchronous communication, and allows for easy extension.
PPP contains a set of protocols, including the Link Control Protocol (LCP), various network control
protocols (NCPs), and authentication protocols such as Password Authentication Protocol (PAP),
Challenge Handshake Authentication Protocol (CHAP), Microsoft CHAP (MS-CHAP), and Microsoft
CHAP Version 2 (MS-CHAP-V2). Among these protocols,
•
LCP establishes, tears down, and monitors data links.
•
NCPs negotiate the formats and types of data packets transmitted on data links.
•
PAP, CHAP, MS-CHAP, and MS-CHAP-V2 secure the network.
PAP authentication
PAP is a two-way handshake authentication protocol using plain text passwords. It operates in the
following workflow.
1.
The authenticatee sends its username and password to the authenticator.
2.
The authenticator then checks the local user list to see if the username and password are correct
and returns an Acknowledge or Not Acknowledge packet.
Figure 25 PAP authentication
During PAP authentication, the password is transmitted on the link in plain text. In addition, the
authenticatee sends the username and the password repeatedly through the established PPP link until the
authentication is over. PAP is not a secure authentication protocol and cannot prevent attacks.
CHAP authentication
CHAP is a three-way handshake authentication protocol using cipher text password.