Tsunami
®
800 & 8000 Series - Software Management Guide 71
5. Given below is the table which explains PPPoE client parameters and the method to configure the configurable
parameter(s):
Parameter Description
Authentication
Protocol
PPPoE supports the following types of user authentication protocols that provide
varying levels of security:
·
None: Represents that no authentication is required for transferring PPP frames
over Ethernet between PPPoE client and server.
·
Password Authentication Protocol (PAP): PAP is an access control protocol
used to authenticate client’s password on the server. The server requests a
password from the client and sends the retrieved password to an authentication
server for verification. As an authentication protocol, PAP is considered the least
secure because the password is not encrypted in transmission.
·
Challenge Handshake Authentication Protocol (CHAP): CHAP is similar to
PAP with several unique characteristics. Instead of requesting a password, the
server sends a challenge message to the client. The challenge message is a
random value. The client encrypts the challenge message with user's password
and sends the combination back to the server. The server forwards the
challenge/password combination to the authentication server. The
authentication server encrypts the challenge with the user's password stored in
the authentication database. If the user's response is a match, the password is
considered authentic. CHAP uses the model of a shared secret (the user
password) to authenticate the user. The use of CHAP is considered a moderately
secure method of authentication.
·
Microsoft Challenge-Handshake Authentication Protocol version 2
(MSCHAP v2): MSCHAP V2 is a mutual authentication method that supports
password-based user or computer authentication. During the MSCHAP v2
authentication process, both the client and the server prove that they have
knowledge of the user's password for authentication to succeed. Mutual
authentication is provided by including an authenticator packet returned to the
client after a successful server authentication.This method is proprietary to the
Microsoft mostly used in windows servers and client.
·
EAP-MD5: EAP-MD5 enables a server to authenticate a connection request by
verifying an MD5 hash of a user's password. The server sends the client a
random challenge value, and the client proves its identity by hashing the
challenge and its password with MD5.
By default, the authentication protocol is set to CHAP. You can configure the
authentication protocol to the desired one and click OK.
LCP Echo Interval To check the link connection, periodically, the PPPoE client sends an LCP echo-request
frame to the PPPoE server. If the PPPoE server respond to the echo-request by sending
an echo-reply, then the connection is alive.
To configure LCP Echo Interval, enter a time ranging from 5 to 300 seconds. By
default, the echo interval is set to 30 seconds.
To Next Page
Loading...
Need help?
General
