Point To-Point ptotocol. PPP

 

PPP (Point-To-Point Potocol)

An open-standard protocol for WAN encapsulation. It can be used on Asynchronous, Synchronous, High Speed Serial interfaces and ISDN. PPP allows options for authentication. PPP uses the following before sending data.
LCP- used to negotiate a link’s parameter before transmission. After both peers agree on the MTU, bandwidth, authentication occurs if configured.
NCP ( Network Control Protocol) then chooses the protocol to use such as IP.
PP has two form of authentication.

PAP (Password Auth. Protocol).
Uses a two-way handshake. It provides security by using a username and password. However , password and username Is sent as clear text making it susceptible to hackers.

CHAP (Challenge Handshake Auth. Protocol)
Uses a three-way handshake and randomly authenticates the peer. Password and username are encrypted using MD5 and verified a hash.

Config mode:

#username ****** password*******

Under the serial interface:

R1(config-if)# encapsulation ppp
R1(config-if)# ppp authentication chap
Or

R1(config-if)#ppp authentication pap

 

PPP config with Authentication

 

 

 

 

 

 

PPP

 

PPP Authentication between two routers using CHAP
R1#conf t
R1(config)#hostname Tokyo
Tokyo(config)#int s1/0
Tokyo(config-if)#ip address 209.20.20.9 255.255.255.0
Tokyo(config-if)#clock rate 128000
Tokyo(config-if)#des PPP Connection to Brussels
Tokyo(config-if)#no shut

Tokyo(config)#line con 0
Tokyo(config-line)#password cisco
Tokyo(config-line)#login
Tokyo(config-line)#exec-t
Tokyo(config-line)#exec-timeout 0 0
Tokyo(config-line)#exit
Tokyo(config)#line vty 0 4
Tokyo(config-line)#password cisco
Tokyo(config-line)#login
Tokyo(config-line)#exit
Tokyo(config)#ena secret cisco

Tokyo(config)#int s1/0
Tokyo(config-if)#encapsulation ppp
Tokyo(config)#username Brussels password cisco
Tokyo(config-if)#ppp authentication chap
Tokyo(config-if)#end

Tokyo(config)#do sh run

ppp sh run

 

 

 

 

 

 

 

Router Brussels

R2(config)#hos Brussels

Brussels(config)#int s1/1
Brussels(config-if)#ip address 209.20.20.10 255.255.255.252
Brussels(config-if)#des PPP Connection to Tokyo
Brussels(config-if)#no shut

Brussels(config-if)#do ping 209.20.20.9

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.20.20.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/38/72 ms
Brussels(config)#line con 0
Brussels(config-line)#exec-timeout 0 0
Brussels(config-line)#password cisco
Brussels(config-line)#exit
Brussels(config)#enable secret cisco
Brussels(config)#line vty 0 4
Brussels(config-line)#password cisco
Brussels(config-line)#login
Brussels(config-line)#exit
Brussels(config)#do wri mem
Building configuration…
[OK]
Brussels(config)#int s1/0
Brussels(config-if)#int s1/1
Brussels(config-if)#encapsulation ppp
Brussels(config-if)#do ping 209.20.20.9

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 209.20.20.9, timeout is 2 seconds:
!!!!!
Brussels(config)#Username Tokyo password cisco
Brussels(config)#int s1/1
Brussels(config-if)#ppp authentication chap
Brussels(config-if)#
Brussels(config-if)#do ping 209.20.20.9

Brussels#sh int s1/1

Serial1/1 is up, line protocol is down
Brussels#deb ppp packet
PPP packet display debugging is on
Brussels#undebug all
*Oct 24 16:23:10.455: Se1/1 LCP-FS: I ECHOREQ [Open] id 16 len 12 magic 0x003CE286
*Oct 24 16:23:10.455: Se1/1 LCP-FS: O ECHOREP [Open] id 16 len 12 magic 0x013CCE4E
*Oct 24 16:23:10.531: Se1/1 LCP: O ECHOREQ [Open] id 16 len 12 magic 0x013CCE4E
*Oct 24 16:23:10.571: Se1/1 LCP-FS: I ECHOREP [Open] id 16 len 12 magic 0x003CE286
*Oct 24 16:23:10.571: Se1/1 LCP-FS: Received id 16, sent id 16, line up

Brussels#undebug all

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Find me on YouTube

Recent Posts

Recent Comments