2013/07/17

PPP PAP & CHAP 設定及說明

-----------------------------------------------------
PAP

R1 (PAP request authentication 要求需要認證的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.1 255.255.255.0
  ppp authentication pap

username BOB password CISCO

R3 (PAP response authentication 回應認證要求的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.3 255.255.255.0
  ppp pap sent-username BOB password CISCO

-----------------------------------------------------
CHAP (使用Hostname)

R1 (CHAP response authentication 回應認證要求的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.1 255.255.255.0
  ppp authentication pap

username BOB password CISCO
username R3 password SHAREDSECRET

R3 (CHAP request authentication 要求需要認證的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.3 255.255.255.0
  ppp pap sent-username BOB password CISCO
  ppp authentication chap

username R1 password SHAREDSECRET

-----------------------------------------------------
CHAP (回應者不使用hostname, 改用ppp chap host XXX)

R1 (CHAP response authentication 回應認證要求的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.1 255.255.255.0
  ppp authentication pap
  ppp chap host ROUTER1

username BOB password CISCO
username R3 password SHAREDSECRET

R3 (CHAP request authentication 要求需要認證的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.3 255.255.255.0
  ppp pap sent-username BOB password CISCO
  ppp authentication chap

username Router1 password SHAREDSECRET

-----------------------------------------------------
CHAP (回應者不管是誰來challenge, 均使用相同的密碼,經由MD5 hash後送出)

R1 (CHAP response authentication 回應認證要求的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.1 255.255.255.0
  ppp authentication pap
  ppp chap host ROUTER1
  ppp chap password SHAREDSECRET

username BOB password CISCO

R3 (CHAP request authentication 要求需要認證的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.3 255.255.255.0
  ppp pap sent-username BOB password CISCO
  ppp authentication chap

username Router1 password SHAREDSECRET

-----------------------------------------------------
CHAP
(回應者不管是誰來challenge, 均使用相同的密碼,經由MD5 hash後送出)
(但若是R3來challenge時就送出另外一組密碼)

R1 (CHAP response authentication 回應認證要求的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.1 255.255.255.0
  ppp authentication pap
  ppp chap host ROUTER1
  ppp chap password DEFAULTPASSWORD

username BOB password CISCO
username R3 password SHAREDSECRET

R3 (CHAP request authentication 要求需要認證的一方):

int s0/0
  encapsulation ppp
  ip address 13.0.0.3 255.255.255.0
  ppp pap sent-username BOB password CISCO
  ppp authentication chap

username Router1 password SHAREDSECRET

-----------------------------------------------------
張貼者:
標籤: , , ,

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)