Chap question

(config-if)#encapsulation ppp
(config-if)#ppp chap hostname *remote hostname*
(config-if)#ppp chap password *password*
(config-if)#no shutdown

and

(config)#username *remote router hostname* password *password*
(config)#interface serial 0
(config-if)#ppp authentication chap

Could someone explain the difference between these two Router configurations?

I'm sure they are used for different purposes, but they strike me as the same.

-KG

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

KGhaleon

ugh...I've also come across this line:
(config-if)#ppp pap sent-username *username* password *password*

How does this fit into the above, aside from the fact that it's used with PAP? :P

I was planning to take my CCNA sometime soon. A problem I was worried about was concerning Vlan configurations. I'm familiar with setting them up on 1900 switches, but that's it. Is there a specific type of switch model used on the exam?

-KG

Ten9t6

Ok...to start off with, we know that CHAP is a hash of the username and passwords. So, both sides should be able to calculate the hash. This is usually done with your bottom example:

(config)#username *remote router hostname* password *password*
(config)#interface serial 0
(config-if)#ppp authentication chap

and :

(config-if)#encapsulation ppp
(config-if)#ppp chap hostname *remote hostname*
(config-if)#ppp chap password *password*
(config-if)#no shutdown

is used if you want to change the username and password that is used to calculate the hash.....i.e..don't want to use the router name and password.

Your PAP example :

(config-if)#ppp pap sent-username *username* password *password*

PAP does not use a hash. The password is sent in plain text to the next router. The username and password that you use the 'sent-username' for must be on the other router.

does this make sense?

Kenny

KGhaleon

Thanks, that makes more sense. I could find anything on it in my lab manuals.

(config-if)#encapsulation ppp
(config-if)#ppp chap hostname *remote hostname*
(config-if)#ppp chap password *password*
"is used if you want to change the username and password that is used to calculate the hash.....i.e..don't want to use the router name and password."

So this is used for changing the existing hash information? What do you mean by, "don't want to use the Router name and password?"

KG