| PPP支持NCPC(网络控制协议)和LCP(链路控制协议) PPP的验证方式分为PAP二次握手明文传输和CHAP三次握手密文传输。 试验配置PAP和CHAP的验证:  试验配置如下: R1(CHAP) Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#host r1 r1(config)#int s0/0 r1(config-if)#ip addr 192.168.1.1 255.255.255.0 r1(config-if)#clock rate 64000 r1(config-if)#no shut r1(config-if)#encapsulation ppp 封装PPP r1(config-if)#ppp authen chap pap 在接口下使用本地加密方式chap来验证对端加密方式pap r1(config-if)#ppp chap hostname r1 指定本地主机名称 r1(config-if)#ppp chap password cisco 指定本地口令 r1(config-if)#exit r1(config)#enable secret cisco 指定加密口令 r1(config)#service password-encryption 口令加密 r1(config)#username r2 password cisco 要验证的远程用户和口令 R2(PAP) Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#host r2 r2(config)#int s0/0 r2(config-if)#ip addr 192.168.1.3 255.255.255.0 r2(config-if)#no shut r2(config-if)#encapsulation ppp 封装PPP r2(config-if)#ppp authen pap chap 在接口下使用本地加密方式pap来验证对端加密方式chap r2(config-if)#ppp pap sent-username r2 password cisco指定要发送的用户和口令 r2(config-if)#exit r2(config)#enable password cisco 指定发送的口令 r2(config)#username r1 password cisco要验证的远程用户和口令 r2(config)#exit 验证:show ip int s0/0 Show int s0/0 R1 r1#show int s0/0 Serial0/0 is up, line protocol is up Hardware is M4T Internet address is 192.168.1.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Open Open: IPCP, CDPCP, crc 16, loopback not set Keepalive set (10 sec) Restart-Delay is 0 secs Last input 00:00:05, output 00:00:00, output hang never Last clearing of "show interface" counters 00:01:28 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 30 packets input, 1059 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 40 packets output, 904 bytes, 0 underruns --More-- R2 r2#show int s0/0 Serial0/0 is up, line protocol is up Hardware is M4T Internet address is 192.168.1.3/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Open Open: IPCP, CDPCP, crc 16, loopback not set Keepalive set (10 sec) Restart-Delay is 0 secs Last input 00:00:12, output 00:00:03, output hang never Last clearing of "show interface" counters 00:00:19 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1158 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 19 packets input, 297 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 18 packets output, 285 bytes, 0 underruns --More— 端口和链路协议都为up状态,封装为PPP封装。 Serial0/0 is up, line protocol is up Encapsulation PPP 试验成功! 本文出自 “范琳琳学习笔记” 博客,请务必保留此出处http://fanlinlin.blog.51cto.com/535085/133662 本文出自 51CTO.COM技术博客 本文出自 51CTO.COM技术博客 |
转载于:https://blog.51cto.com/517055/298120
