More Related Content
Similar to 12 module (20)
12 module
- 1. 2 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Establishing Serial Point-to-Point Connections Chapter 12
- 2. 2 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Upon completion of this chapter, you will be able to perform the following tasks: • Configure HDLC and PPP protocols on a serial WAN connection • Configure PAP and CHAP authentication on a PPP connection • Verify proper point-to-point HDLC and PPP configuration Objectives
- 4. 2 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Telephone Company Service Provider Synchronous serial Asynchronous serial, Synchronous serial WAN Connection Type Layer 1 Leased Line Circuit-switched Packet-switched ISDN layer 1
- 5. 8 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Point-to-point or circuit-switched connection CO Switch Customer Premises Equipment Demarcation Local Loop WAN Service Provider Toll Network S S S S S S Trunks and Switches S Interfacing WAN Service Providers • Provider assigns connection parameters to subscriber
- 6. 2 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Telephone Company Service Provider HDLC, PPP, SLIP Typical WAN Encapsulation Protocols Layer 2 Leased Line Circuit-switched Packet-switched HDLC, PPP, SLIP X.25, Frame Relay, ATM
- 10. 21 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Synchronous or Asynchronous Physical Media Link Control Protocol Authentication, other options PPP Data Link Layer Physical Layer Layering PPP Elements • PPP — A data link
- 11. 22 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Synchronous or Asynchronous Physical Media Link Control Protocol Authentication, other options Network Control Protocol PPP Data Link Layer Physical Layer Network Layer IPCP IPXCP Many Others IP IPX Layer 3 Protocols Layering PPP Elements • PPP — A data link with network - layer services
- 12. 23 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Feature How It Operates Protocol Authentication PAP CHAP Perform Challenge Handshake Require a password PPP LCP Configuration Options
- 13. 24 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Feature How It Operates Protocol Authentication PAP CHAP Perform Challenge Handshake Require a password Compression Compress data at source; reproduce data at destination Stacker or Predictor PPP LCP Configuration Options
- 14. 25 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Feature How It Operates Protocol Authentication PAP CHAP Perform Challenge Handshake Require a password Compression Compress data at source; reproduce data at destination Stacker or Predictor Error Detection Avoid frame looping Quality Monitor data dropped on link Magic Number PPP LCP Configuration Options
- 15. 26 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Feature How It Operates Protocol Authentication PAP CHAP Perform Challenge Handshake Require a password Compression Compress data at source; reproduce data at destination Stacker or Predictor Error Detection Avoid frame looping Quality Monitor data dropped on link Magic Number Multilink Load balancing across multiple links Multilink Protocol (MP) PPP LCP Configuration Options
- 16. 27 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 PPP Authentication Overview • Two PPP authentication protocols: PAP and CHAP PPP Session Establishment 1 Link Establishment Phase 2 Optional Authentication Phase 3 Network - Layer Protocol Phase Dialup or Circuit - Switched Network
- 17. 28 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 • Passwords sent in cleartext • Peer in control of attempts Selecting a PPP Authentication Protocol Remote Router ( SantaCruz ) Central - Site Router (HQ) Hostname: santacruz Password: boardwalk username santacruz password boardwalk PAP 2 - Way Handshake " santacruz , boardwalk" Accept/Reject
- 18. 29 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Selecting a PPP Authentication Protocol (cont.) Remote Router ( SantaCruz ) Central - Site Router (HQ) Hostname: santacruz Password: boardwalk username santacruz password boardwalk CHAP 3 - Way Handshake Challenge Response Accept/Reject • Use “secret” known only to authenticator and peer
- 19. 30 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Router to Be Authenticated (The router that initiated the call.) PPP encapsulation Authenticating Router (The router that received the call.) Configuring PPP and Authentication Overview Dialup or Circuit - Switched Network Verify who you are. PPP encapsulation Enabling PPP Authentication Enabling PPP Authentication ¦ hostname ppp authentication ¦ username/password ¦ hostname ppp authentication ¦ username/password
- 22. 2 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Configuring PPP Authentication (Cont.) Router(config-if)#ppp authentication (chap | chap pap | pap chap | pap) Enables PAP and/or CHAP authentication
- 23. 2 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 32 Copyright © 1998, Cisco Systems, Inc. ICRC_revision_11.3 Verifying HDLC and PPP Encapsulation Configuration P1R1#show interfaces s1 Serial1 is up, line protocol is up Hardware is RD64570 Internet address is 10.1.1.2/24 MTU 1500 bytes, BW 1544 Kbit , DLY 20000 usec , rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open Open: IPCP, CDP, ATALKCP, IPXCP Last input 00:00:04, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/64/0 (size/threshold/drops) Conversations 0/4 (active/max active) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 51938 packets input, 1634908 bytes, 0 no buffer -- More --