Specifications
120 AVM Access Server – Glossary
Authentication
Authentication refers to identifying a remote system by verifying its login
information (name and password) on establishing incoming and outgo-
ing connections. In the AVM Access Server, authentication is performed
not only to prevent unauthorized access, but also to identify the remote
user if incoming call assignment by CLI number is not activated. The au-
thentication protocols used for PPP connections are PAP and CHAP. In
the AVM Access Server, you can specify for each remote site individually
whether authentication is required of the remote site, and by which
method. For each authentication protocol, a name and password must
be configured and communicated to the remote site. If the remote sys-
tem also requests authentication, you can enter the necessary name and
password in the settings for the remote user group or network. Obtain
this information from the administrator of the remote site.
Bchannel
An ISDN BRI line comprises two B channels and one D channel. An
ISDN PRI line has 30 B channels and a D channel. The B channels are
used to transport user data. Each B channel provides data throughput
of 64 kbit/s. To increase throughput, the AVM Access Server can bun-
dle up to 30 B channels in one network connection.
CAPI: see “Common ISDN API (CAPI)” on page 121
CHAP (Challenge Handshake Authentication Protocol)
One of the two authentication protocols in the PPP suite. A name and
password for the remote system must be configured on the system that
requests authentication. The remote system must be configured to
present the same name and password. In CHAP, the system that re-
quests authentication uses a pre-defined algorithm to form a message,
called the challenge, from the name and a random number. This chal-
lenge is sent to the remote system. The remote system produces a new
message out of the first message and the password, also using a pre-
set algorithm, and sends this value back. The first site performs the
same operation and compares its results with the message received
from the remote system. If they match, the remote system is authentic
and the connection can be set up. The advantage of this method is that
the password itself is never transmitted between the two systems. For
this reason CHAP is considered a secure protocol. CHAP is described in
RFC 1334 and RFC 1994.