RSEnt : Lab 7.2.5.3 Configuring and Verifying PAP and CHAP Authentication

Step 1: Connect the equipment

Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram.

Step 2: Perform basic configuration on Router 1

1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
2. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.

Step 3: Perform basic configuration on Router 2

On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.

Step 4: Configure PPP encapsulation on both R1 and R2

Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0

configuration mode prompt on both routers.

R1(config-if)#encapsulation ppp

R2(config-if)#encapsulation ppp

Step 5: Verify PPP encapsulation on R1 and R2

Enter the command show interface serial 0/0 to verify the PPP encapsulation on R1 and R2.

Step 6: Verify that the serial connection is functioning

Ping from R1 to R2 to verify that there is connectivity between the two routers.

R1#ping 192.168.15.2

R2#ping 192.168.15.1

Step 7: Turn on PPP debugging

To display the authentication exchange process as it occurs, issue the command debug ppp

authentication at the privileged EXEC mode prompt.

R1#debug ppp authentication

R2#debug ppp authentication

Step 8: Configure PPP authentication on R1 with PAP

1. Configure the username and password on the R1 router.
2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.

Step 9: Verify that the serial connection is functioning

Verify that the serial connection is functioning by pinging the serial interface of R2.

Step 10: Configure PPP authentication on R2 with PAP

1. Configure the username and password on the R2 router
2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.

Step 11: Verify that the serial connection is functioning

Verify that the serial connection is functioning by pinging the serial interface of R1.

Step 12: Remove PAP from R1 and R2

Remove PAP from R1 and R2 by issuing the command no in front of the commands used to configure PAP.

Step 13: Configure PPP authentication on R1 with CHAP

1. f both CHAP and PAP are enabled, the first authentication method specified is requested during the link negotiation phase. If the peer suggests using the second method or simply refuses the first method, the second method is tried.
2. Save the configuration on R1 and R2 and reload both routers.
3. To display the authentication exchange process as it occurs, issue the command debug ppp authentication at the privileged EXEC mode prompt.
4. Configure the username and password on the R1 router.

Step 14: Configure PPP authentication on R2 with CHAP

Configure the username and password on the R2 router

Step 15: Verify that the serial connection is functioning

Verify that the serial connection is functioning by pinging the serial interface of R1.

Was it successful? __________ yes

Step 16: Verify the serial line encapsulation on R1

Enter the command show interface serial 0/0 to view the details of the interface.

Step 16: Verify the serial line encapsulation on R1

Enter the command show interface serial 0/0 to view the details of the interface.

Step 18: Turn off debugging on both R1 and R2

Turn off all debugging by issuing the undebug all command on both R1 and R2.

R1#undebug all

R2#undebug all

Step 19: Reflection

1. What is an advantage of using CHAP over PAP? Jawaban: CHAP is the preferred protocol because CHAP periodically verifies the identity of the remote node using a three-way handshake. CHAP provides protection against playback attack through the use of a variable challenge value that is unique and unpredictable. Because the challenge is unique and random, the resulting hash value will be unique and random.
2. Which PPP protocol is used for establishing a point-to-point link? Jawaban: LCP
3. Which PPP protocol is used for configuring the various Network Layer protocols? Jawaban: NCP

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: