CHAP – Challenge Handshake Authentication Protocol

RFC 1994
- Verify identity of peer
- Uses 3way handshake
After LCP phase is complete,
- CHAP is negotiated, authenticator sends a challenge message to peer
- Peer responds with value calculated through 1 way hash (MD5)
- Authenticator checks the response against its own calculation

Configuration

PPP must be enabled on the interface

Interface > ppp authentication chap

Configure username and password
Username [username] password [password]

Default username sent is hostname of the peer router

Default username can be changed under the interface

PPP chap username

Passwords must match on both ends
PPP chap passowrd

PAP – Password Authentication Protocol

RFC 1334
Simple method for authentication
- 2 way handshake after LCP completes
- Username and password are sent in clear text across link
Not a secure authentication protocol

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

CMP Networking

Chris Pratt's Networking Blog

CCIE RS – L2 WAN Circuit Technologies – Authentication (PAP, CHAP)

CHAP – Challenge Handshake Authentication Protocol

PAP – Password Authentication Protocol

Leave a Reply Cancel reply

CHAP – Challenge Handshake Authentication Protocol

PAP – Password Authentication Protocol

Share this:

Like this:

Leave a Reply Cancel reply