HI Troy My question is, suppose as you said, usera and userb have established a connection using chap and Pap, now is it possible to give one set of username for chap and another set for pap?
The config looks like this ppp authentication chap pap ppp chap hostname xxxx ppp chap password xxxx ppp pap sent-username yyyy password yyyy Is this configuration is valid? if valid how often is it used in customer scenarios. I have observed that when i give the same username n password for both chap n pap( i.e xxxx for both), the ios gives the warning message saying may be security hole. Thanks n regards Deepak Troy Leliard wrote: > > Hi Deepak, > > I'm not sure if I follow. Say for example you wanted userA to > connect via CHAP and userB to connect via PAP, this would > indeed be possible, but usera and userb, could not have the > same username. > > Most of the ISP's that i have worked for only accept CHAP since > the password is no passed in clear txt, and most dialup clients > now support CHAP. > > Similarly DDR scenarios, when y ou have your router connecting > to anotehr router (or ISP), you would also want to implement > CHAP, for obvious security reasons. The only time I have use pa > is when use legacy dialup clients that don't support CHAP. > > Hope this helps. > > Cheers > Troy > > > Deepak N wrote: > > > > Hi Troy > > Thanks for the reply > > > > So, this would mean, there is no possibility of using one > > set of username/password for CHAP and another set for PAP, i > > guess. > > The same set of username/password for eg: cisco/cisco would be > > used for both CHAP and PAP. > > > > Regards > > Deepak > > > > > > Troy Leliard wrote: > > > > > > Normally you would only get one username / password., and > the > > > ISP would configure CHAP, then PAP authentication, ie if the > > > cllent (user) tries to authenticate, and CHAP fails, it will > > > then authenticate using PAP. (CHAP Should always come first > > as > > > it is the more secure authentication method). > > > > > > Hope this helps > > > > > > > > > Deepak N wrote: > > > > > > > > Hi > > > > I am having this question. > > > > When configuring the username and password for PAP n > CHAP, i > > > am > > > > giving different username n password. > > > > Is there any customer scenario where this kind of > situation > > is > > > > there? > > > > Also does the ISP provide different username n password > for > > > > different authentication types i.e, one set of username n > > > > password for CHAP and another set of username and password > > for > > > > PAP. > > > > i assume that ISP gives only one authentication type > either > > > > CHAP or PAP not both. > > > > I need inputs from all of you > > > > > > > > Thanks in advance > > > > > > > > Deepak > > > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63929&t=63442 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
