module 54

ICND1 v1.01-1http://vnexperts.net

LAN Extension into a WAN

Establishing a Point-to-Point WAN Connection with PPP


Typical WAN Encapsulation Protocols


An Overview of PPP

PPP can carry packets from several protocol suites using NCP. PPP controls the setup of several link options using LCP.


PPP Session Establishment

PPP session establishment:1. Link establishment phase2. Authentication phase (optional)

Two PPP authentication protocols: PAP and CHAP3. Network layer protocol phase


PPP Authentication Protocols: PAP

Passwords sent in plaintext Peer in control of attempts


PPP Authentication Protocols: CHAP

This is an example of the Santa Cruz router authenticating to the HQ routerHash values, not actual passwords, are sent across the link.The local router or external server is in control of authentication attempts.


Configuring PPP and Authentication Overview


Configuring PPP and Authentication

RouterX(config-if)# encapsulation ppp

Enables PPP encapsulation

RouterX(config)# hostname name

Assigns a hostname to your router

RouterX(config)# username name password password

Identifies the username and password of remote router

RouterX(config-if)# ppp authentication{chap | chap pap | pap chap | pap}

Enables PAP or CHAP authentication


PPP and CHAP Configuration Example

hostname RouterXusername RouterY password sameone!int serial 0ip address 10.0.1.1 255.255.255.0encapsulation pppppp authentication chap

hostname RouterYusername RouterX passw!int serial 0ip address 10.0.1.2 255.2encapsulation pppppp authentication chap


Verifying the PPP Encapsulation Configuration

RouterX# show interface s0Serial0 is up, line protocol is upHardware is HD64570Internet address is 10.140.1.2/24MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usEncapsulation PPP, loopback not set, keepaliLCP OpenOpen: IPCP, CDPCPLast input 00:00:05, output 00:00:05, output hLast clearing of "show interface" counters neQueueing strategy: fifoOutput queue 0/40 0 drops; input queue 0/75


Verifying PPP Authentication

RouterX# debug ppp authentication4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up4d20h: Se0 PPP: Treating connection as a dedicated line4d20h: Se0 PPP: Phase is AUTHENTICATING, by both4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from left"4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from right"4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from left"4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from right"4d20h: Se0 CHAP: O SUCCESS id 2 len 44d20h: Se0 CHAP: I SUCCESS id 3 len 44d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up

The debug ppp authentication command shows successful CHAP output


Verifying PPP Negotiation

RouterX# debug ppp negotiationPPP protocol negotiation debugging is onRouterX#*Mar 1 00:06:36.645: %LINK-3-UPDOWN: Interfa*Mar 1 00:06:36.661: BR0:1 PPP: Treating conne*Mar 1 00:06:36.665: BR0:1 PPP: Phase is ESTA*Mar 1 00:06:36.669: BR0:1 LCP: State is Listen*Mar 1 00:06:37.034: BR0:1 LCP: I CONFREQ [L*Mar 1 00:06:37.038: BR0:1 LCP: AuthProto PA*Mar 1 00:06:37.042: BR0:1 LCP: MagicNumbe*Mar 1 00:06:37.046: BR0:1 LCP: Callback 0 (0


Summary

PPP is a common Layer 2 protocol for the WAN. There are two components of PPP: LCP negotiates the connection and NCP encapsulates traffic. You can configure PPP to use PAP or CHAP. PAP sends

everything in plaintext. CHAP uses an MD5 hash. Common PPP verification commands include show interface to

verify PPP encapsulation and debug ppp negotiation to verify the LCP handshake.

LAN Extension into a WANTypical WAN Encapsulation ProtocolsAn Overview of PPPPPP Session EstablishmentPPP Authentication Protocols: PAPPPP Authentication Protocols: CHAPConfiguring PPP and Authentication OverviewConfiguring PPP and AuthenticationPPP and CHAP Configuration ExampleVerifying the PPP Encapsulation ConfigurationVerifying PPP AuthenticationVerifying PPP NegotiationSummary

module 54

Documents