Technical data

ManualsBrandsCisco ManualsComputer equipment1604 - 1604 Bridge/router

131

132

133

134

135

136

137

138

139

140

6-4 Dial Solutions Quick Configuration Guide

Configuring the Answering Access Server

Step 7 Set the number of seconds the connection remains open if no interesting trafﬁc is being

routed across this link. The timer is reset each time an interesting packet is forwarded

across the DDR connection. You need to set the idle-timeout to the same value on both

access servers. In this example, the line is closed after 5 consecutive minutes without

interesting trafﬁc.

Snoopy(config-if)# dialer idle-timeout 300

Step 8 Specify that the name Woodstock be used to authenticate the dialin user. If authentication

is successful, the IP address of the dialing access server’s Ethernet interface (in this case,

172.16.20.1) is mapped to the remote user. Also, enable broadcast packets to be

forwarded to this address (such as RIP or IGRP updates for IP).

Note There is no telephone number speciﬁed in the dialer map command, because Snoopy is not

calling out. Snoopy is only accepting incoming DDR calls.

Snoopy(config-if)# dialer map ip 172.16.20.1 name Woodstock broadcast

Step 9 Associate this interface with the dialer list 1 deﬁnition by using the dialer-group 1

command. The interface now considers anything deﬁned in dialer list 1 as interesting

trafﬁc.

Snoopy(config-if)# dialer-group 1

Snoopy(config-if)# exit

Conﬁguring Security for the Access Server Answering the DDR Call

To conﬁgure security on an access server answering DDR calls (Snoopy), perform these steps:

Step 1 Specify the name of the dialing access server (Woodstock) in Snoopy’s username

database. This username is referenced in the dialer map command for authentication

purposes. The username is case sensitive and must match the opposite access server’s host

name exactly. The password (peanuts) is used as the PPP authentication password for the

user Woodstock. It is also case sensitive:

Snoopy(config)# username Woodstock password peanuts

Note If you enter the password peanuts, exit to privileged EXEC mode, and issue the show

running-conﬁg command, the output of this command displays an encrypted password, similar to

the following: username Woodstock password 7 0215055500070C294D. When you enter or make

changes to the username command, always enter the password in its unencrypted form. Do not enter

the encryption type (7). It is set automatically.

Step 2 Create a PPP authentication list and a login authentication list:

Snoopy(config)# aaa authentication ppp default local

Snoopy(config)# aaa authentication login default local

Step 3 Apply the PPP authentication list to the asynchronous interface answering DDR calls and

specify CHAP authentication (rather than PAP):

Snoopy(config)# interface async 1

Snoopy(config-if)# ppp authentication chap default