To Next Page

To Previous Page

ZXR102900ESeriesCongurationGuide

EAP-MD5.Anyofthemethodscanbeusedaccordingtodifferentserviceoperation

requirements.

lPAP(PasswordAuthenticationProtocol)

PAPisasimpleplaintextauthenticationmode.NASrequiresthesubscriberto

providetheusernameandpasswordandthesubscriberreturnsthesubscriber

informationintheformofplaintext.Theservercheckswhetherthissubscriber

isavailableandwhetherthepasswordiscorrectaccordingtothesubscriber

congurationandreturnsdifferentresponses.Thisauthenticationmodefeatures

poorsecurityandtheusernameandpasswordtransferredmaybeeasilystolen.

Figure4-20showstheprocessofusingthePAPmodeforidentityauthentication.

Figure4-20USINGPAPMODEFORIDENTITYAUTHENTICATION

lCHAP(ChallengeHandshakeAuthenticationProtocol)

CHAPisanencryptedauthenticationmodeandavoidsthetransmissionoftheuser’s

realpassworduponthesetupofconnection.NASsendsarandomlygenerated

Challengestringtotheuser.TheuserencryptstheChallengestringbyusingtheown

passwordandMD5algorithmandreturnstheusernameandencryptedChallenge

string(encryptedpassword).

TheserverusestheuserpassworditstoresandtheMD5algorithmtoencryptthe

Challengestring.ThenitcomparesthisChallengestringwiththeencryptedpassword

oftheserverandreturnsaresponseaccordingly.

Figure4-21showstheprocessofusingtheCHAPmodeforidentityauthentication.

4-68

SJ-20120409144109-002|2012-07-02(R1.0)ZTEProprietaryandCondential

Model

ZXR10 2952E

Zte ZXR10 2952E User Manual

Questions and Answers: