PPP支持NCPC(网络控制协议)和LCP(链路控制协议)
PPP的验证方式分为PAP二次握手明文传输和CHAP三次握手密文传输。
试验配置PAP和CHAP的验证:
试验配置如下:
R1(CHAP)
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host r1
r1(config)#int s0/0
r1(config-if)#ip addr 192.168.1.1 255.255.255.0
r1(config-if)#clock rate 64000
r1(config-if)#no shut
r1(config-if)#encapsulation ppp 封装PPP
r1(config-if)#ppp authen chap pap 在接口下使用本地加密方式chap来验证对端加密方式pap
r1(config-if)#ppp chap hostname r1 指定本地主机名称
r1(config-if)#ppp chap pass
word cisco 指定本地口令
r1(config-if)#exit
r1(config)#enable secret cisco 指定加密口令
r1(config)#service pass
word-encryption 口令加密
r1(config)#username r2 pass
word cisco 要验证的远程用户和口令
R2(PAP)
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#host r2
r2(config)#int s0/0
r2(config-if)#ip addr 192.168.1.3 255.255.255.0
r2(config-if)#no shut
r2(config-if)#encapsulation ppp 封装PPP
r2(config-if)#ppp authen pap chap 在接口下使用本地加密方式pap来验证对端加密方式chap
r2(config-if)#ppp pap sent-username r2 pass
word cisco指定要发送的用户和口令
r2(config-if)#exit
r2(config)#enable pass
word cisco 指定发送的口令
r2(config)#username r1 pass
word cisco要验证的远程用户和口令
r2(config)#exit
验证:show ip int s0/0
Show int s0/0
R1
r1#show int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
internet address is 192.168.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP, CDPCP, crc 16, loopback not set
Keepalive set (10 sec)
Restart-Delay is 0 secs
Last input 00:00:05, output 00:00:00, output hang never
Last clearing of "show interface" counters 00:01:28
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
30 packets input, 1059 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
40 packets output, 904 bytes, 0 underruns
--More--
R2
r2#show int s0/0
Serial0/0 is up, line protocol is up
Hardware is M4T
Internet address is 192.168.1.3/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP, CDPCP, crc 16, loopback not set
Keepalive set (10 sec)
Restart-Delay is 0 secs
Last input 00:00:12, output 00:00:03, output hang never
Last clearing of "show interface" counters 00:00:19
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
19 packets input, 297 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
18 packets output, 285 bytes, 0 underruns
--More—
端口和链路协议都为up状态,封装为PPP封装。
Serial0/0 is up, line protocol is up
Encapsulation PPP
试验成功!
