Options
Connection & Authentication Protocols help
rht
Member Posts: 92 ■■□□□□□□□□
in CCNA & CCENT
Hi, this is my first post in this section of the forums. I am actually studying for a Microsoft exam :P but thought this is the best section to post this since its related & the forums here are actually alive.
Anyway, I understand that connection protocols like PPTP, SSTP & L2TP create a tunnel to provide data authentication, integrity & encryption. However, before i actually create a tunnel i need to authenticate to the other endpoint using authentication protocols like EAP and PEAP-TLS.
So my question is which protocols (connection or authentication) actually provide the authentication since they both do?
Also correct me if i am wrong in what i wrote above.
Anyway, I understand that connection protocols like PPTP, SSTP & L2TP create a tunnel to provide data authentication, integrity & encryption. However, before i actually create a tunnel i need to authenticate to the other endpoint using authentication protocols like EAP and PEAP-TLS.
So my question is which protocols (connection or authentication) actually provide the authentication since they both do?
Also correct me if i am wrong in what i wrote above.
Comments
-
Options
Trashman
Member Posts: 140
PPTP and L2TP typically relies on Point-to-point Protocol (PPP).
In order to establish communications over a point-to-point link, each end of the PPP link first sends LCP packets to configure the data link during the Link Establishment phase.
After the link has been established, PPP provides for an optional Authentication phase before proceeding to the Network-Layer Protocol phase.Bachelor of Science in Information Systems
2015 COLOR=#008000]X[/COLOR | 2016 COLOR=#ff8c00]In progress[/COLOR | 2017 | 2018 -
Options
gbdavidx
Member Posts: 840
is this covered in icnd2? I dont remember reading about this in icnd1 -
Options
xnx
Member Posts: 464 ■■■□□□□□□□
ICND2, there's quite a bit on WAN technologiesGetting There ...
Lab Equipment: Using Cisco CSRs and 4 Switches currently -
Options
Magic Johnson
Member Posts: 414
Not got to WAN techs yet, but can I hijack and ask why the need for authentication on a PPP link? -
Options
EdTheLad
Member Posts: 2,111 ■■■■□□□□□□
The main reason ppp is still in existence today is due to its authentication feature. Any kind of mass user access technology like dsl uses ppp as the authentication protocol. Whatever kind of physical connectivity is provided to a user, have a ppp encapsulation layer and a aaa server to provide per user authentication. Don't just look at ppp as a protocol that can be used on a serial link of a cisco router.Networking, sometimes i love it, mostly i hate it.Its all about the $$$$ -
OptionsMagic Johnson
Member Posts: 414
The main reason ppp is still in existence today is due to its authentication feature. Any kind of mass user access technology like dsl uses ppp as the authentication protocol. Whatever kind of physical connectivity is provided to a user, have a ppp encapsulation layer and a aaa server to provide per user authentication. Don't just look at ppp as a protocol that can be used on a serial link of a cisco router.
Ah of course.
Would you still use it though if we were talking in that context (serial link on CISCO router)? -
OptionsEdTheLad
Member Posts: 2,111 ■■■■□□□□□□
HDLC is proprietary, every vendor has their own different flavour. To avoid incompatibility issues you would use ppp on serial lines.Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
-
OptionsMagic Johnson
Member Posts: 414
HDLC is proprietary, every vendor has their own different flavour. To avoid incompatibility issues you would use ppp on serial lines.
Sorry I meant the authentication feature. -
OptionsEdTheLad
Member Posts: 2,111 ■■■■□□□□□□
Just for added security, maybe you have a serial link connected to a router in an insecure location, you don't want someone replacing the router with a compromised one.Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
-
OptionsMagic Johnson
Member Posts: 414
Just for added security, maybe you have a serial link connected to a router in an insecure location, you don't want someone replacing the router with a compromised one.
Yes, of course. Bigger picture. I used to work for a firm that had all their kit in a little server rack in a portacabin, that was unoccupied and unlocked most of the time! Can see the need for it there!
EDIT: Must spread rep around etc -
Optionsxnx
Member Posts: 464 ■■■□□□□□□□
Think about Cable or ADSL broadband in the UK, they both use a form PPP (e.g PPP over ATM) to some extent. In the most basic form authentication is useful to stop anyone trying to connect a ADSL / Cable Modem to the service provider network.Magic Johnson wrote: »Yes, of course. Bigger picture. I used to work for a firm that had all their kit in a little server rack in a portacabin, that was unoccupied and unlocked most of the time! Can see the need for it there!
EDIT: Must spread rep around etcGetting There ...
Lab Equipment: Using Cisco CSRs and 4 Switches currently -
Optionsgbdavidx
Member Posts: 840
i know, i was just clarifying where this information was coming from as i didnt remember reading it in ICND1
