Ah, ok. I got so hung up on the "centralized database" part. I guess eap is a better choice here. Thank you.
On Sun, Sep 25, 2011 at 12:34 AM, Christophe Lemaire <[email protected]> wrote: > Hi Marc, > > CHAP is not using md5 but a challenge/response mechanism. EAP is the only ppp > authentication method available using md5... So I gues you didn't get the > points here. > > Regards, > Christophe > > On 25 Sep 2011, at 03:27, marc abel wrote: > >> I am working on Vol 3 lab 9 task 1.8 and have a general question: >> >> The task has us configure PPP multilink and then use authentication. >> >> "R6 should authenticate R9 using md5 authentication before allowing >> the connection to come online. In the future you want to use a central >> database for PPP authentication. Make sure the protocol you choose >> will support this future change." >> >> Now the solutions guide show this using eap, but couldn't you do chap >> as well? It seems like chap will support radius. So what do you think, >> do I get the points? >> >> >> Here is my config. >> >> R6 >> ______________________ >> >> aaa new-model >> ! >> ! >> aaa authentication ppp PPPCHAP group radius local >> ! >> ! >> aaa session-id common >> ! >> username R9 password 0 cisco >> ! >> interface Multilink69 >> ip address 70.18.69.6 255.255.255.240 >> ppp authentication chap PPPCHAP >> ppp multilink >> ppp multilink links minimum 2 mandatory >> ppp multilink group 69 >> ! >> interface Serial0/2/0 >> no ip address >> encapsulation ppp >> clock rate 2000000 >> ppp multilink >> ppp multilink group 69 >> ! >> interface Serial0/2/1 >> no ip address >> encapsulation ppp >> clock rate 2000000 >> ppp multilink >> ppp multilink group 69 >> ! >> radius-server host 1.1.1.1 auth-port 1645 acct-port 1646 key test >> ! >> >> >> >> R9 >> _______________________ >> >> interface Multilink69 >> ip address 70.18.69.9 255.255.255.240 >> ppp chap hostname R9 >> ppp chap password 0 cisco >> ppp multilink >> ppp multilink links minimum 2 mandatory >> ppp multilink group 69 >> ! >> interface Serial0/2/0 >> no ip address >> encapsulation ppp >> ppp multilink >> ppp multilink group 69 >> ! >> interface Serial0/2/1 >> no ip address >> encapsulation ppp >> ppp multilink >> ppp multilink group 69 >> ! >> >> >> >> Pod109-R6(config)#do who >> Line User Host(s) Idle Location >> * 0 con 0 idle 00:00:00 >> >> Interface User Mode Idle Peer Address >> Se0/2/0 R9 Sync PPP 00:00:02 >> Se0/2/1 R9 Sync PPP 00:00:03 >> Mu69 R9 Sync PPP 00:00:03 70.18.69.9 >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com > > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
