Chap question

KGhaleonKGhaleon Member Posts: 1,346 ■■■■□□□□□□
in CCNA & CCENT
(config-if)#encapsulation ppp
(config-if)#ppp chap hostname *remote hostname*
(config-if)#ppp chap password *password*
(config-if)#no shutdown

and

(config)#username *remote router hostname* password *password*
(config)#interface serial 0
(config-if)#ppp authentication chap

Could someone explain the difference between these two Router configurations? :) I'm sure they are used for different purposes, but they strike me as the same.

-KG
Present goals: MCAS, MCSA, 70-680
· Share on FacebookShare on Twitter

Comments

  • KGhaleonKGhaleon Member Posts: 1,346 ■■■■□□□□□□
    ugh...I've also come across this line:
    (config-if)#ppp pap sent-username *username* password *password*

    How does this fit into the above, aside from the fact that it's used with PAP? :P

    I was planning to take my CCNA sometime soon. A problem I was worried about was concerning Vlan configurations. I'm familiar with setting them up on 1900 switches, but that's it. Is there a specific type of switch model used on the exam?

    -KG
    Present goals: MCAS, MCSA, 70-680
    · Share on FacebookShare on Twitter
  • Ten9t6Ten9t6 Member Posts: 691
    Ok...to start off with, we know that CHAP is a hash of the username and passwords. So, both sides should be able to calculate the hash. This is usually done with your bottom example:
    (config)#username *remote router hostname* password *password*
    (config)#interface serial 0
    (config-if)#ppp authentication chap

    and :

    (config-if)#encapsulation ppp
    (config-if)#ppp chap hostname *remote hostname*
    (config-if)#ppp chap password *password*
    (config-if)#no shutdown

    is used if you want to change the username and password that is used to calculate the hash.....i.e..don't want to use the router name and password.

    Your PAP example :

    (config-if)#ppp pap sent-username *username* password *password*

    PAP does not use a hash. The password is sent in plain text to the next router. The username and password that you use the 'sent-username' for must be on the other router.

    does this make sense?

    Kenny
    Kenny

    A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
    · Share on FacebookShare on Twitter
  • KGhaleonKGhaleon Member Posts: 1,346 ■■■■□□□□□□
    Thanks, that makes more sense. I could find anything on it in my lab manuals.

    (config-if)#encapsulation ppp
    (config-if)#ppp chap hostname *remote hostname*
    (config-if)#ppp chap password *password*
    "is used if you want to change the username and password that is used to calculate the hash.....i.e..don't want to use the router name and password."

    So this is used for changing the existing hash information? What do you mean by, "don't want to use the Router name and password?"

    KG
    Present goals: MCAS, MCSA, 70-680
    · Share on FacebookShare on Twitter
Sign In or Register to comment.