Russell Are you saying that CHAP is not capable of one way authentication?? And to do this one has to use PAP???
Michael -----Original Message----- From: Russell Heilling [mailto:[EMAIL PROTECTED]] Sent: 27 September 2002 12:10 PM To: [EMAIL PROTECTED] Subject: Re: chap authentication LONG !!! [7:54234] ""Arni V. Skarphedinsson"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Do I have to have the hostname of each router in each other, if I am calling > an ISP I just get a username and password, that I send the ISP router, I > dont get any hostname or password to put in my router to authenticate the > ISP router > > Or do I ???? What you are describing is what happens in PAP authentication (as used with most single user dial ISP accounts), with CHAP *both* routers need to authenticate with each other, so you will need to put the username and password for the ISP router into your config. In CHAP the password is never sent across the link, the authentication relies on both ends having the same password and using it to generate and verify cryptographic hashes that can be sent across the link without the risk of giving the password away to anyone snooping on the line. As the password is the same at each end... You should use the same password for the entry in the local users database as you have configured for your end of the link. Hope this helps clear it up... -- Russell Heilling http://www.ccie.org.uk/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54316&t=54234 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]