Specifications

A-7

Cisco 1700 Series Router Software Configuration Guide

78-5407-03

Chapter A Networking Concepts

CHAP and PAP Authentication

In configuring your router, you must select a method of authentication.

Authentication is used for security and for identifying who is calling in so that the

called router can correctly forward packets to the correct interface. This is

generally required when dialer rotary groups are used and multiple sites are

calling into a single router.

The configuration examples in this guide use Point-to-Point Protocol (PPP) with

Challenge Handshake Authentication Protocol (CHAP) or Password

Authentication Protocol (PAP) for security and authentication. CHAP and PAP,

when used with PPP encapsulation, allow routers to authenticate incoming calls.

CHAP Authentication

With CHAP, a remote device attempting to connect to the local router is requested,

or challenged, to respond. When the local router receives the challenge response,

it verifies the response by looking up the name of the remote device given in the

response. The passwords must be identical on the remote device and the local

router. The names and passwords are configured using the username command.

In the following example, Router Macbeth allows Router Macduff to call in using

the password “bubble”:

hostname Macbeth

username Macduff password bubble

encapsulation ppp

ppp authentication chap

In the following example, Router Macduff allows Router Macbeth to call in using

the password “bubble”:

hostname Macduff

username Macbeth password bubble

encapsulation ppp

ppp authentication chap