Configuring PPP Authentication
After you configure your serial interface to support PPP encapsulation, you can configure
authentication using PPP between routers (see Table 11.3). First, you need to set the hostname
of the router, if it’s not already. Then you set the username and password for the remote router
that will be connecting to your router:
Here’s an example:
Router#
config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
hostname RouterA
RouterA(config)#
username RouterB password cisco
When using the
hostname
command, remember that the username is the hostname of the
remote router that’s connecting to your router. And it’s case sensitive too. Also, the password on
both routers must be the same. It’s a plain-text password that you can see with a
show run
command;
you can encrypt the password by using the command
service password-encryption
.
TABLE 1 1 . 3
PPP Authentication Commands
Command Meaning
configure terminal Takes you to global configuration mode
hostname hostname Configures the hostname of the local router
username username password password Configures the hostname of the remote router
that your local router will authenticate with and
the password that both routers will use for
authentication
ppp authentication chap|pap Configures the PPP authentication method
under the physical interface to either chap or pap,
typically just chap
You must have a username and password configured for each remote system to which you
plan to connect. The remote routers must also be configured with usernames and passwords.
Now, after you’ve set the hostname, usernames, and passwords, choose the authentication
type, either chap or pap:
RouterA#config t
Enter configuration commands, one per line. End with CNTL/Z.
RouterA(config)#int s0
RouterA(config-if)#ppp authentication chap pap
RouterA(config-if)#^Z
RouterA#
If both methods are configured on the same line, as shown here, then only the first method
will be used during link negotiation—the second acts as a backup just in case the first method fails.