PPP Configuration

«« Previous
Next »»

Point-to-Point Protocol configuration is rather straightforward if you do not configure authentication. Keep in mind that PPP authentication is optional and a link can pretty much establish without authentication. In fact, the only change here as compared with HDLC configuration earlier is that you have to use the encapsulation ppp command in interface configuration mode. Several other link parameters can also be configured like bandwidth and description of the interface. You may consider enabling the interface as well using the no shutdown command.

We will perform simple PPP configuration using two routers shown in Figure 12-5, the same internetwork used for HDLC configuration.

Figure 12-6 PPP Configuration

Cisco Tutorials and Materials, Cisco Learning, Cisco Guides

Let’s now configure R1 and R2 to establish a point-to-point serial link using PPP as the Layer 2 protocol.

R1>enable
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface Serial1/0
R1(config-if)#ip address 172.16.32.1 255.255.255.252
R1(config-if)#encapsulation ppp
R1(config-if)#no shutdown
R1(config-if)#end
R1#

R2>
R2>enable
R2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#interface Serial0/0
R2(config-if)#ip address 172.16.32.2 255.255.255.252
R2(config-if)#encapsulation ppp
R2(config-if)#no shutdown
R2(config-if)#end
R2#

All what we have done is to configure PPP as the encapsulation method using encapsulation ppp command other than configuring an IP address. That’s all we need to successfully establish a PPP serial link without authentication though. The lack of any authentication related configuration does not actually prevent the link from becoming fully operational.

Let’s use the show interfaces command on R1 to verify if a PPP link has established.

R1#show interfaces Serial1/0
Serial1/0 is up, line protocol is up
Hardware is M4T
Internet address is 172.16.32.1/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP, CDPCP, crc 16, loopback not set
Keepalive set (10 sec)
Restart-Delay is 0 secs
<Some output omitted for brevity> 

The first highlighted line in the output above indicates that PPP encapsulation is being used on the interface as indicated by Encapsulation PPP on the first line. Also the words LCP Open indicate that LCP has completed its work successfully. The second highlighted line lists the fact that two NCPs, IPCP for IP and CDPCP for CDP, have also successfully been enabled. These are all positive indiations that PPP is working correctly.

But that’s not all about PPP configuration. We will also explore configuration for PPP authentication using one of the two available options namely CHAP. CHAP requires a password to be configured on each of the two routers R1 and R2. In fact, the password could be configured on an external AAA (Authentication, Authorization, and Accounting) server outside the router, but we will use locally configured passwords for the sake of this example.

You must configure hostnames of routers if they are not already configured using the hostname command in global configuration mode. In addition, you have to configure the username and password using the username name password password or username name secret secret command. The username and password are both case-sensitive. CHAP is enabled on an interface using the ppp authentication chap command in interface configuration mode.

R1#
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#username R2 password chap
R1(config)#interface Serial1/0
R1(config-if)#ppp authentication chap
R1(config-if)#end
R1#

R2#
R2#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R2#username R1 password chap
R2(config)#interface Serial0/0
R2(config-if)#ppp authentication chap
R2(config-if)#end
R2#

You may use the show interfaces command on either R1 or R2 to verify if PPP authentication was successful.  You may also use the show users command on R1 to verify PPP authentication status as show here.

R1#show users
Line       User       Host(s)              Idle       Location
*  0 con 0                idle                 00:00:00

Interface    User               Mode         Idle     Peer Address
Se1/0        R2                 Sync PPP     00:00:05 172.16.32.2

«« Previous
Next »»

0 comments:

Post a Comment