在配置PPP验证时有PAP和CHAP的选择,其中PAP为明文传送用户名和口令,不安全。而CHAP则采用哈希值进行验证,口令不会在网上传送,所以安全性比较高。
CHAP认证也是CCNA课程PPP教学时所需掌握的基本配置,其配置如下:
拓扑: RA DTE--------DCE RB
--------------------------------------
RA#conf t
RA(config)#username RB password hello
RA(config)#int s0
RA(config-if)#encap ppp
RA(config-if)#ppp au chap
RA(config-if)#end
-------------------------------
Router(config)#host RB
RB(config)#username RA password hello
RB(config)#int s0
RB(config-if)#encap ppp
RB(config-if)#ppp auth chap
%LINK-3-UPDOWN: Interface Serial0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
------------------------------------------------------
RA#sh int s0
Serial0 is up, line protocol is up -------第一层二层UP
Hardware is HD64570
Internet address is 1.1.1.1/30
MTU 1500 bytes, BW 1544 Kbit, DLY 1000 usec, rely 255/255, load 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP Open -----------打开
Open: IPCP, CDPCP -----------打开
Last input 00:00:00, output 00:00:00, output hang never
Last clearing of show interface counters never
Queueing strategy: fifo