To Next Page

To Previous Page

ppp-options {

chap {

access-profile pe-A-ppp-clients;

default-chap-secret "$ABC123";

local-name “pe-A-so-1/1/2";

}

Meaning The configured CHAP and its associated set options are displayed as expected.

Configuring the PPP Password Authentication Protocol On a Physical Interface

•

Understanding PPP Password Authentication Protocol on page 496

•

Configuring the PPP Password Authentication Protocol On a Physical

Interface on page 497

•

Configuring the PPP Password Authentication Protocol On a Logical

Interface on page 498

Understanding PPP Password Authentication Protocol

For interfaces with PPP encapsulation, you can configure interfaces to support the

Password Authentication Protocol (PAP), as defined in RFC 1334, PAP Authentication

Protocols. If authentication is configured, the PPP link negotiates using CHAP or PAP

protocol for authentication during the Link Control Protocol (LCP) negotiation phase.

PAP is only performed after the link establishment phase (LCP up) portion of the

authentication phase.

During authentication, the PPP link sends a PAP authentication-request packet to the

peer with an ID and password. The authentication-request packet is sent every 2 seconds,

similar to the CHAP challenge, until a response is received (acknowledgment packet,

nonacknowledgment packet). If an acknowledgment packet is received, the PPP link

transitions to the next state, the network phase. If a nonacknowledgment packet is

received, an LCP terminate request is sent, and the PPP link goes back to the link

establishment phase. If no response is received, and an optional retry counter is set to

true, a new request acknowledgment packet is resent. If the retry counter expires, the

PPP link transitions to the LCP negotiate phrase.

You can configure the PPP link with PAP in passive mode. By default, when PAP is enabled

on an interface, the interface expects authenticate-request packets from the peer.

However, the interface can be configured to send authentication request packets to the

peer by configuring PAP to operate in passive mode. In PAP passive mode, the interface

sends the authenticate-request packets to the peer only if the interface receives the PAP

option from the peer during LCP negotiation—in passive mode, the interface does not

authenticate the peer.

ACX Series Universal Access Router Configuration Guide

Juniper ACX2000 Configuration Guide

Other manuals for Juniper ACX2000