PPP
• Media independentencapsulation
– Serial, Ethernet, Frame Relay, ATM, etc.
– encapsulation ppp
• Adds features that other layer2 medias don’t natively support
– Authentication
– Multilink
– Fragmentation
– Reliability
PPP Negotiation
• PPP uses Link Control Protocol (LCP) to negotiate higher layer protocols
– Internet Protocol Control Protocol (IPCP)
– IPV6CP
– CDPCP
– Etc.
• Can be used to negotiate
– Address assignment
– Routing information
• Verification
– debug pppnegotiation
PPP Authentication
• Password Authentication Protocol (PAP)
– Clear text username
– Clear text password
• Challenge Handshake Authentication Protocol (CHAP)
– Clear text username
– MD5 hashed password
• MSCHAP / MSCHAPv2 / EAP / etc…
PPP PAP Authentication
• Authentication Request
– ppp authentication pap
• Authentication Response
– no ppp pap refuse
– ppppap sent-username… password
• Verification
– debug ppp negotiation
– debug ppp authentication
PPP CHAP Authentication
• Authentication Request
– ppp authentication chap
• Authentication Response
– no ppp chap refuse
– Usernames & Passwords
• Global vs Interface
• Verification
– debug ppp negotiation
– debug ppp authentication
-----------------------------------------------------
Dial and Access
Cisco IOS Dial Technologies Configuration Guide, Release 12.4T
Part 9: PPP Configuration
Configuring Media-Independent PPP and Multilink PPP
http://www.cisco.com/en/US/docs/ios/dial/configuration/guide/dia_media-ind_multi_ppp_ps6441_TSD_Products_Configuration_Guide_Chapter.html
採用PPP連線...routing table中會有一筆PPP Neighbor Route............例如:2.2.2.2/32
可以下 no peer neighbor-route 讓這一筆 routing 消失
(若兩端的PPP為同網段, 2.2.2.0/24路由還是存在喔, 當然可以下這行指令讓neighbor route消失)
但若是我們採用PPP no peer neighbor-route並且搭配
ip unnumbered使用的話...要小心...還需要加上static routing
(因為此時兩端的PPP就為不同網段並沒有任何路由存在喔)
int loopback 0
ip address 1.1.1.1/32
int s0/0
encapsulaion ppp
ip address unnumbered loopback 0
no peer neighbor-route
ip route 2.2.2.2 255.255.255.255 Serial 0/0
沒有留言:
張貼留言