Hi Marc, CHAP is not using md5 but a challenge/response mechanism. EAP is the only ppp authentication method available using md5... So I gues you didn't get the points here.
Regards, Christophe On 25 Sep 2011, at 03:27, marc abel wrote: > I am working on Vol 3 lab 9 task 1.8 and have a general question: > > The task has us configure PPP multilink and then use authentication. > > "R6 should authenticate R9 using md5 authentication before allowing > the connection to come online. In the future you want to use a central > database for PPP authentication. Make sure the protocol you choose > will support this future change." > > Now the solutions guide show this using eap, but couldn't you do chap > as well? It seems like chap will support radius. So what do you think, > do I get the points? > > > Here is my config. > > R6 > ______________________ > > aaa new-model > ! > ! > aaa authentication ppp PPPCHAP group radius local > ! > ! > aaa session-id common > ! > username R9 password 0 cisco > ! > interface Multilink69 > ip address 70.18.69.6 255.255.255.240 > ppp authentication chap PPPCHAP > ppp multilink > ppp multilink links minimum 2 mandatory > ppp multilink group 69 > ! > interface Serial0/2/0 > no ip address > encapsulation ppp > clock rate 2000000 > ppp multilink > ppp multilink group 69 > ! > interface Serial0/2/1 > no ip address > encapsulation ppp > clock rate 2000000 > ppp multilink > ppp multilink group 69 > ! > radius-server host 1.1.1.1 auth-port 1645 acct-port 1646 key test > ! > > > > R9 > _______________________ > > interface Multilink69 > ip address 70.18.69.9 255.255.255.240 > ppp chap hostname R9 > ppp chap password 0 cisco > ppp multilink > ppp multilink links minimum 2 mandatory > ppp multilink group 69 > ! > interface Serial0/2/0 > no ip address > encapsulation ppp > ppp multilink > ppp multilink group 69 > ! > interface Serial0/2/1 > no ip address > encapsulation ppp > ppp multilink > ppp multilink group 69 > ! > > > > Pod109-R6(config)#do who > Line User Host(s) Idle Location > * 0 con 0 idle 00:00:00 > > Interface User Mode Idle Peer Address > Se0/2/0 R9 Sync PPP 00:00:02 > Se0/2/1 R9 Sync PPP 00:00:03 > Mu69 R9 Sync PPP 00:00:03 70.18.69.9 > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
