ADTRAN 1000R Series User Manual

Page 833

Advertising
background image

Command Reference Guide

Demand Interface Configuration Command Set

61200510L1-35E

Copyright © 2005 ADTRAN

833

Several example scenarios are given below for clarity.

Configuring CHAP Example 1: Only the local router requires the peer to authenticate itself.

On the local router (hostname Local):

Local(config-demand 1)#ppp authentication chap

Local(config-demand 1)#username Peer password same

On the peer (hostname Peer):

Peer(config-demand 1)#username Local password same

The first line of this configuration sets the authentication mode to CHAP. This means the peer is required to
authenticate itself to the local router via CHAP. The second line is the username and password expected to
be sent from the peer. The peer must also have the username up both to verify the incoming username
from the local router and to use the password (along with its hostname) in the response to the local router.

Configuring CHAP Example 2: Both routers require the peer to authenticate itself.

On the local router (hostname Local):

Local(config-demand 1)#ppp authentication chap

Local(config-demand 1)#username Peer password same

On the peer (hostname Peer):

Peer(config-demand 1)#ppp authentication chap

Peer(config-demand 1)#username Local password same

This is basically identical to Example 1 except that both routers will now challenge each other and
respond.

Configuring CHAP Example 3: Using the ppp chap hostname command as an alternate solution.

On the local router (hostname Local):

Local(config-demand 1)#ppp authentication chap

Local(config-demand 1)#username Peer password same

Local(config-demand 1)#ppp chap hostname nearend

On the peer (hostname Peer):

Peer(config-demand 1)#username nearend password same

Notice the peer is expecting username “nearend” even though the local router's hostname is “Local.”
Therefore the local router can use the ppp chap hostname command to send the correct name on the
challenge.

The PPP username and password database is separate and distinct from the global
username password database. For PAP and CHAP, use the database under the PPP
interface configuration.

Both ends must have identical passwords.

Advertising
See also other documents in the category ADTRAN Hardware: