CHAP is used to periodically verify the identity of the remote peer by using a three-way handshake.
Normally this occurs immediately after the initial link establishment and before proceeding
to the Network layer phase. CHAP can also send a new challenge periodically to verify the
remote node. All PPP authentications are optional. Both ends must be configured with the same
authentication type if you are using authentication.
One CHAP packet is encapsulated in the Information field of a PPP packet, with the Type
field set to 3, the Length field to 5, the Authentication-Protocol field to c223, and the algorithm
to 5 (MD5). A CHAP Challenge packet is illustrated in Figure 26.8.