Hey Marc, unless I'm missing something here I think you are OK. First, CHAP uses MD5, and second, it can use either LOCAL, RADIUS, or I think TACACS+ too. So unless I'm missing something, I think you're OK. Let's see what Marko says
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of marc abel Sent: Saturday, September 24, 2011 6:27 PM To: [email protected] Subject: [OSL | CCIE_RS] PPP authentication with radius I am working on Vol 3 lab 9 task 1.8 and have a general question: The task has us configure PPP multilink and then use authentication. "R6 should authenticate R9 using md5 authentication before allowing the connection to come online. In the future you want to use a central database for PPP authentication. Make sure the protocol you choose will support this future change." Now the solutions guide show this using eap, but couldn't you do chap as well? It seems like chap will support radius. So what do you think, do I get the points? Here is my config. R6 ______________________ aaa new-model ! ! aaa authentication ppp PPPCHAP group radius local ! ! aaa session-id common ! username R9 password 0 cisco ! interface Multilink69 ip address 70.18.69.6 255.255.255.240 ppp authentication chap PPPCHAP ppp multilink ppp multilink links minimum 2 mandatory ppp multilink group 69 ! interface Serial0/2/0 no ip address encapsulation ppp clock rate 2000000 ppp multilink ppp multilink group 69 ! interface Serial0/2/1 no ip address encapsulation ppp clock rate 2000000 ppp multilink ppp multilink group 69 ! radius-server host 1.1.1.1 auth-port 1645 acct-port 1646 key test ! R9 _______________________ interface Multilink69 ip address 70.18.69.9 255.255.255.240 ppp chap hostname R9 ppp chap password 0 cisco ppp multilink ppp multilink links minimum 2 mandatory ppp multilink group 69 ! interface Serial0/2/0 no ip address encapsulation ppp ppp multilink ppp multilink group 69 ! interface Serial0/2/1 no ip address encapsulation ppp ppp multilink ppp multilink group 69 ! Pod109-R6(config)#do who Line User Host(s) Idle Location * 0 con 0 idle 00:00:00 Interface User Mode Idle Peer Address Se0/2/0 R9 Sync PPP 00:00:02 Se0/2/1 R9 Sync PPP 00:00:03 Mu69 R9 Sync PPP 00:00:03 70.18.69.9 _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com UHS Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient (s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution of this information is prohibited. If this was sent to you in error, please notify the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
