Scribd
Upload
48 views7 pages

Lab 7

The document describes configuring PPP authentication between two routers using Password Authentication Protocol (PAP). The tasks include: 1. Configuring hostnames and enabling serial interfaces on routers R1 and R2. 2. Configuring PPP encapsulation and IP addressing on the serial interfaces. 3. Configuring usernames and passwords on each router for PAP authentication of the other router. 4. Configuring the serial interfaces for PAP authentication and verifying authentication occurs by debugging on R1.

Uploaded by

mayudesk desk
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
48 views7 pages

Lab 7

The document describes configuring PPP authentication between two routers using Password Authentication Protocol (PAP). The tasks include: 1. Configuring hostnames and enabling serial interfaces on routers R1 and R2. 2. Configuring PPP encapsulation and IP addressing on the serial interfaces. 3. Configuring usernames and passwords on each router for PAP authentication of the other router. 4. Configuring the serial interfaces for PAP authentication and verifying authentication occurs by debugging on R1.

Uploaded by

mayudesk desk
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Lab 8.

PPP Authentication
Using PAP

Lab Objective:
The objective of this lab exercise is to configure two routers sharing
a back-to-back Serial link encapsulated by PPP to authenticate each
other using Password Authentication Protocol (PAP). By default,
PPP connections are not authenticated or secured.

Lab Purpose:
PPP PAP authentication configuration is a fundamental skill. One of
the main reasons that PPP is so popular is because it has the
capability to be secured and devices communicating using PPP can
be authenticated. PAP authentication is the least preferred method to
secure PPP as it sends usernames and passwords in clear text.
However, as a Cisco engineer, as well as in the Cisco CCNA exam,
you will be expected to know how to configure PPP PAP
authentication.

Lab Topology:
Please use the following topology to complete this lab exercise:

Task 1:
Configure hostnames on R1 and R2 as illustrated in the topology.
Task 2:
Enable Serial interfaces on R1 and R2. The Serial0/0 interface on
R2 is identified as the DCE in the topology. Use the appropriate
commands to verify that this interface is indeed the DCE. Configure
the DCE interface on R2 to provide clocking to R1. The clock speed
should be 768 Kbps. Again, remember that 1 Kbps = 1000 bps.
Verify that R1 receives clocking information from R2.

Task 3:
Enable PPP encapsulation on R1 and R2 Seriaol0/0 interfaces.
Configure IP addressing on R1 and R2 Serial0/0 interfaces as
illustrated in the topology.

Task 4:
Verify your interface encapsulation, which should now be PPP. Test
connectivity between R1 and R2 by pinging between the routers.

Task 5:
Configure a username on R1 and R2. The user account should be
the hostname of the remote router that will be authenticating with the
local device. For example, on R1 the user account that will be used
to authenticate router R2 will be R2. The password on both routers
should be PAP.

Task 6:
Configure the Serial0/0 interfaces of R1 and R2 for PPP
Authentication via PAP. Each router should send its configured
hostname as the PAP username, and the configured password PAP
should be used for PAP authentication between the routers.

Task 7:
Enable PPP authentication debugging on R1. Next, perform a
shutdown command, followed by a no shutdown command, on Serial0/0.
Verify that you see the two routers authenticating each other via PPP
PAP. Disable debugging when you are done.
Lab 8. Configuration and
Verification

Task 1:
For reference information on configuring hostnames, please refer to
earlier labs.

Task 2:
For reference information on verifying DTE/DCE status, please refer
to earlier labs.

Task 3:
For reference information on enabling PPP and IP addressing,
please refer to earlier labs.

Task 4:
For reference information on verifying Serial encapsulation, please
refer to earlier labs.

Task 5:
R1#conf t
Enter configuration commands, one per line. End with CTRL/Z.
R1(config)#username R2 password PAP
R1(config)#end
R1#

R2#conf t
Enter configuration commands, one per line. End with CTRL/Z.
R2(config)#username R1 password PAP
R2(config)#^Z
R2#

Task 6:
R1#conf t
Enter configuration commands, one per line. End with CTRL/Z.
R1(config)#int s0/0
R1(config-if)#ppp authentication pap
R1(config-if)#ppp pap sent-username R1 password PAP
R1(config-if)#^Z
R1#

R2#conf t
Enter configuration commands, one per line. End with CTRL/Z.
R2(config)#interface serial0/0
R2(config-if)#ppp authentication pap
R2(config-if)#ppp pap sent-username R2 password PAP
R2(config-if)#end
R2#

Task 7:
R1#debug ppp authentication
PPP authentication debugging is on
R1#conf t
Enter configuration commands, one per line. End with CTRL/Z.
R1(config)#int s0/0
R1(config-if)#shut
R1(config-if)#
*Mar 1 02:24:04.158: %LINK-5-CHANGED: Interface Serial0/0, changed state
to administratively down
*Mar 1 02:24:05.159: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Serial0/0, changed state to down
R1(config-if)#no shut
R1(config-if)#
*Mar 1 02:24:14.943: %LINK-3-UPDOWN: Interface Serial0/0, changed state
to up
*Mar 1 02:24:14.943: Se0/0 PPP: Using default call direction
*Mar 1 02:24:14.943: Se0/0 PPP: Treating connection as a dedicated line
*Mar 1 02:24:14.943: Se0/0 PPP: Session handle[BC000002] Session id[4]
*Mar 1 02:24:14.943: Se0/0 PPP: Authorization required
*Mar 1 02:24:14.951: Se0/0 PAP: Using hostname from interface PAP
*Mar 1 02:24:14.951: Se0/0 PAP: Using password from interface PAP
*Mar 1 02:24:14.951: Se0/0 PAP: O AUTH-REQ id 2 len 11 from “R1”
*Mar 1 02:24:14.951: Se0/0 PAP: I AUTH-REQ id 2 len 11 from “R2”
*Mar 1 02:24:14.951: Se0/0 PAP: Authenticating peer R2
*Mar 1 02:24:14.955: Se0/0 PPP: Sent PAP LOGIN Request
*Mar 1 02:24:14.955: Se0/0 PPP: Received LOGIN Response PASS
*Mar 1 02:24:14.959: Se0/0 PPP: Sent LCP AUTHOR Request
*Mar 1 02:24:14.959: Se0/0 PPP: Sent IPCP AUTHOR Request
*Mar 1 02:24:14.963: Se0/0 PAP: I AUTH-ACK id 2 len 5
*Mar 1 02:24:14.963: Se0/0 LCP: Received AAA AUTHOR Response PASS
*Mar 1 02:24:14.963: Se0/0 IPCP: Received AAA AUTHOR Response PASS
*Mar 1 02:24:14.967: Se0/0 PAP: O AUTH-ACK id 2 len 5
*Mar 1 02:24:14.967: Se0/0 PPP: Sent CDPCP AUTHOR Request
*Mar 1 02:24:14.971: Se0/0 PPP: Sent IPCP AUTHOR Request
*Mar 1 02:24:14.975: Se0/0 CDPCP: Received AAA AUTHOR Response
PASS
*Mar 1 02:24:15.969: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Serial0/0, changed state to up
R1(config-if)#end
*Mar 1 02:24:22.339: %SYS-5-CONFIG_I: Configured from console by
console
R1#
R1#undebug all
All possible debugging has been turned off

NOTE: By default, PAP sends usernames and passwords in clear


text and is generally not considered a secure authentication means
for PPP. The recommended and most common means to secure and
authenticate via PPP is to use the Challenge Handshake
Authentication Protocol (CHAP). In the debug output above, while
the password is not shown, you can see the usernames “R1” and “R2”
printed.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy