CCNA配置試驗之七 PPP中PAP和CHAP的驗證

PPP支援NCPC（網絡控制協定）和LCP（鍊路控制協定）

PPP的驗證方式分為PAP二次握手明文傳輸和CHAP三次握手密文傳輸。

試驗配置PAP和CHAP的驗證：

試驗配置如下：

R1（CHAP）

Router>en

Router#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#host r1

r1(config)#int s0/0

r1(config-if)#ip addr 192.168.1.1 255.255.255.0

r1(config-if)#clock rate 64000

r1(config-if)#no shut

r1(config-if)#encapsulation ppp                封裝PPP

r1(config-if)#ppp authen chap pap 在接口下使用本地加密方式chap來驗證對端加密方式pap

r1(config-if)#ppp chap hostname r1   指定本地主機名稱

r1(config-if)#ppp chap password cisco 指定本地密碼

r1(config-if)#exit

r1(config)#enable secret cisco          指定加密密碼

r1(config)#service password-encryption   密碼加密

r1(config)#username r2 password cisco   要驗證的遠端使用者和密碼

R2（PAP）

Router(config)#host r2

r2(config)#int s0/0

r2(config-if)#ip addr 192.168.1.3 255.255.255.0

r2(config-if)#no shut

r2(config-if)#encapsulation ppp   封裝PPP

r2(config-if)#ppp authen pap chap 在接口下使用本地加密方式pap來驗證對端加密方式chap

r2(config-if)#ppp pap sent-username r2 password cisco指定要發送的使用者和密碼

r2(config-if)#exit

r2(config)#enable password cisco 指定發送的密碼

r2(config)#username r1 password cisco要驗證的遠端使用者和密碼

r2(config)#exit

驗證：show ip int s0/0

Show int s0/0

R1

r1#show int s0/0

Serial0/0 is up, line protocol is up

  Hardware is M4T

  Internet address is 192.168.1.1/24

  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

     reliability 255/255, txload 1/255, rxload 1/255

  Encapsulation PPP, LCP Open

  Open: IPCP, CDPCP, crc 16, loopback not set

  Keepalive set (10 sec)

  Restart-Delay is 0 secs

  Last input 00:00:05, output 00:00:00, output hang never

  Last clearing of "show interface" counters 00:01:28

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: weighted fair

  Output queue: 0/1000/64/0 (size/max total/threshold/drops)

     Conversations  0/1/256 (active/max active/max total)

     Reserved Conversations 0/0 (allocated/max allocated)

     Available Bandwidth 1158 kilobits/sec

  5 minute input rate 0 bits/sec, 0 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     30 packets input, 1059 bytes, 0 no buffer

     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles

     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort

     40 packets output, 904 bytes, 0 underruns

 --More--

R2

r2#show int s0/0

  Internet address is 192.168.1.3/24

  Last input 00:00:12, output 00:00:03, output hang never

  Last clearing of "show interface" counters 00:00:19

     19 packets input, 297 bytes, 0 no buffer

     18 packets output, 285 bytes, 0 underruns

 --More—

端口和鍊路協定都為up狀态，封裝為PPP封裝。

Encapsulation PPP

試驗成功！

本文轉自 範琳琳 51CTO部落格，原文連結：http://blog.51cto.com/fanlinlin/133662，如需轉載請自行聯系原作者