-
One of important feautures of CHAP is that it doesn’t only require the client to authenticate itself at startup time, but sends challenges at regular intervals to make sure the client hasn’t been replaced by an intruder, for instance by just switching phone lines.
Network admins configure CHAP on routers because it provides protection against replay attacks by the peer through the use of an incrementally changing identifier and of a variable challenge-value.
Authentication through CHAP is more secure because it requires that both the client and server know the plaintext of the secret, although it is never sent over the network.
CHAP provides better security as compared to Password Authentication Protocol (PAP).
CONFIGURATION ON ROUTER R1:
Router>enable
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host R1
R1(config)#int se0/0/0
R1(config-if)#ip add 1.0.0.1 255.0.0.0
R1(config-if)#clock rate 64000
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication chap
R1(config-if)#exit
R1(config)#username R2 password redhat
R1(config)#int se0/0/0
R1(config-if)#no shut
CONFIGURATION ON ROUTER R2:
Router>enable
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host R2
R2(config)#username R1 password redhat
R2(config)#int se0/0/0
R2(config-if)#ip add 1.0.0.2 255.0.0.0
R2(config-if)#no shut
R2(config-if)#encapsulation ppp
R2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
R2(config-if)#ppp authentication chap
Now test communication between these routers:
R1#ping 1.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/10/50 ms
R1#
Test PPP Configuration on Router Interface using below command.
R1#show int se0/0/0
Serial0/0/0 is up, line protocol is up (connected)
Hardware is HD64570
Internet address is 1.0.0.1/8
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
i love ur website
LikeLiked by 1 person