Posts Tagged ‘chap configuration on cisco routers’

In this tutorial we will learn how to configure CHAP on Cisco Routers.But before we start configuring it we must know what CHAP is and why we configure it.CHAP is an authentication scheme used by Point to Point Protocol  servers to validate the identity of remote clients. It periodically verifies the identity of the client by using a three-way handshake. The verification is based on a shared secret (such as the client user’s password).
  1. One of important feautures of  CHAP is that it doesn’t only require the client to authenticate itself at startup time, but sends challenges at regular intervals to make sure the client hasn’t been replaced by an intruder, for instance by just switching phone lines.

Network admins configure CHAP on routers because it provides protection against replay attacks by the peer through the use of an incrementally changing identifier and of a variable challenge-value.

Authentication through CHAP is  more secure because it requires that both the client and server know the plaintext of the secret, although it is never sent over the network.

CHAP provides better security as compared to Password Authentication Protocol (PAP). (more…)