AIS Router AI2524 User Manual

Page 230

Advertising
background image

AI2524 Router Card User’s Manual

Page 11-4

August 1997

2524UM

the response and looking up the required host name or username. The
secret passwords must be identical on the remote device and the local
router.

By transmitting this response, the secret is never transmitted in clear
text, preventing other devices from stealing it and gaining illegal ac-
cess to the system. Without the proper response, the remote device
cannot connect to the local router.

CHAP transactions occur only at the time a link is established. The
local router or access server does not request a password during the
rest of the call. The local device can, however, respond to such re-
quests from other devices during a call.

When PAP is enabled, the remote router attempting to connect to the
local router or access server is required to send an authentication re-
quest. If the username and password specified in the authentication re-
quest are accepted, the Cisco IOS software sends an authentication
acknowledgment.

After you have enabled CHAP or PAP, the local router or access server
requires authentication from remote devices. If the remote device does
not support the enabled protocol, no traffic will be passed to that de-
vice.

1.

In interface configuration mode, enable PPP encapsulation:

encapsulation ppp

2.

In interface configuration mode, enable CHAP or PAP authentica-
tion on an interface configured for PPP encapsulation:

ppp authentication {chap | chap pap | pap

chap | pap} [if-needed] [

list-name

|

default] [callin]

The

ppp authentication chap

optional keyword, is used

only with TACACS or extended TACACS. The optional keyword

list-name

is used only with AAA/TACACS+.

Note:

If you use a

list-name

that has not been configured

with the

aaa authentication ppp

command, you

disable PPP on the line.

3.

Add a username entry for each remote system from which the
local router or access server requires authentication.

In global configuration mode, specify the password to be used in
CHAP or PAP caller identification:

username

name

password

secret

Advertising
Popular Brands
Popular manuals