PPP有两种认证协议一种是pap协议,一种chap协议。
在安全性上chap协议安全性高。pap协议传输时password是明文的,认证用户名和密码可以不一致chap在传输过程中不传输明文,而是用hash哈希值)来取代,质检握手身份核实(密码被隐藏)--在chap双方认证中,双方密码必须保持一致,否则认证失败
pap认证是通过两次握手实现的,而chap是通过三次握手实现。
实验拓扑搭建
注意:路由器间应使用Serial线相连
设备编址
| IP | gateway | |
| PCA | 192.168.1.2/30 | 192.168.1.1 |
| PCB | 192.168.2.2/30 | 192.168.2.1 |
| Router! | 10.1.1.1/30 | |
| Router2 | 10.1.1.2/30 |
在RA上配置PPP
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]interface Serial 1/0
[H3C-Serial1/0]link-protocol ppp
[H3C-Serial1/0]ip address 10.1.1.1 255.255.255.252
[H3C-Serial1/0]baudrate 2048000
[H3C-Serial1/0]quit
[H3C]interface g0/0
[H3C-GigabitEthernet0/0]ip address 192.168.1.1 255.255.255.252
[H3C-GigabitEthernet0/0]undo shutdown
查看此时RA的信息
[H3C]display interface Serial 1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet address: 10.1.1.1/30 (Primary)
Link layer protocol: PPP
LCP: opened, IPCP: stopped
Output queue - Urgent queuing: Size/Length/Discards 0/1024/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 6 minutes 10 seconds
Last clearing of counters: Never
Current system time:2022-08-26 16:36:36
Last time when physical state changed to up:2022-08-26 16:30:26
Last time when physical state changed to down:2022-08-26 16:30:18
在RB上配置PPP
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]interface Serial 1/0
[H3C-Serial1/0]link-protocol ppp
[H3C-Serial1/0]ip address 10.1.1.2 255.255.255.252
[H3C-Serial1/0]quit
[H3C]interface g0/0
[H3C-GigabitEthernet0/0]ip address 192.168.2.1 255.255.255.252
[H3C-GigabitEthernet0/0]undo shutdown
也可以查看此时的RBSerial1/0信息
[H3C]display interface Serial 1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet address: 10.1.1.2/30 (Primary)
Link layer protocol: PPP
LCP: opened, IPCP: opened
Output queue - Urgent queuing: Size/Length/Discards 0/1024/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 9 minutes 43 seconds
Last clearing of counters: Never
Current system time:2022-08-26 16:40:09
Last time when physical state changed to up:2022-08-26 16:30:27
Last time when physical state changed to down:2022-08-26 16:30:24
配置静态路由
RA上的静态路由
[H3C]ip route-static 192.168.2.0 255.255.255.252 10.1.1.2RB上的静态路由
[H3C]ip route-static 192.168.1.0 255.255.255.252 10.1.1.1
配置PCIP
测试此时的连通性
PCA ping RA
PCA ping PCB
配置认证方式
认证方式一:PAP
RA上配置用户,被认证的用户为RB
[H3C]local-user RB class network
New local user added.
[H3C-luser-network-RB]service-type ppp
[H3C-luser-network-RB]password simple pwdpwd
[H3C-luser-network-RB]qu
[H3C]interface Serial 1/0
[H3C-Serial1/0]ppp authentication-mode pap
[H3C-Serial1/0]ip address 10.1.1.1 255.255.255.252
[H3C-Serial1/0]shutdown
[H3C-Serial1/0]%Aug 26 21:49:26:715 2022 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Serial1/0 changed to down.
%Aug 26 21:49:26:715 2022 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Serial1/0 changed to down.
[H3C-Serial1/0]undo shutdown
[H3C-Serial1/0]%Aug 26 21:49:32:328 2022 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Serial1/0 changed to up.
查看此时的RA
[H3C]display interface Serial 1/0
Serial1/0
Current state: UP
Line protocol state: DOWN
Description: Serial1/0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet address: 10.1.1.1/30 (Primary)
Link layer protocol: PPP
LCP: closed
Output queue - Urgent queuing: Size/Length/Discards 0/1024/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 4 minutes 1 seconds
Last clearing of counters: Never
Current system time:2022-08-26 21:53:33
Last time when physical state changed to up:2022-08-26 21:49:32
Last time when physical state changed to down:2022-08-26 21:49:26
ping测试,此时pingRB并不能ping通
RB上配置认证信息
[H3C]interface Serial 1/0
[H3C-Serial1/0]link-protocol ppp
[H3C-Serial1/0]ppp pap local-user RB password simple pwdpwd
[H3C-Serial1/0]ip address 10.1.1.1 255.255.255.252
[H3C-Serial1/0]shutdown
[H3C-Serial1/0]%Aug 26 22:03:21:323 2022 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Serial1/0 changed to down.
%Aug 26 22:03:21:323 2022 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Serial1/0 changed to down.
[H3C-Serial1/0]undo shutdown
[H3C-Serial1/0]%Aug 26 22:03:25:396 2022 H3C IFNET/3/PHY_UPDOWN: Physical state on the interface Serial1/0 changed to up.
%Aug 26 22:03:25:396 2022 H3C IFNET/5/LINK_UPDOWN: Line protocol state on the interface Serial1/0 changed to up.
查看此时RB的信息
[H3C]display interface Serial 1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64 kbps
Maximum transmission unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet address: 10.1.1.1/30 (Primary)
Link layer protocol: PPP
LCP: opened, IPCP: opened
Output queue - Urgent queuing: Size/Length/Discards 0/1024/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 8 minutes 57 seconds
Last clearing of counters: Never
Current system time:2022-08-26 21:58:29
Last time when physical state changed to up:2022-08-26 21:49:32
Last time when physical state changed to down:2022-08-26 21:49:27
ping 测试 ;此时的RA可以与RBping通
PCA ping PCB
认证方式二:chap认证
RA上配置chap
[H3C]local-user RB class network
New local user added.
[H3C-luser-network-RB]service-type ppp
[H3C-luser-network-RB]password simple pwdpwd
[H3C-luser-network-RB]qu
[H3C]interface Serial 1/0
[H3C-Serial1/0]ppp authentication-mode chap
[H3C-Serial1/0]ip address 10.1.1.1 255.255.255.252
[H3C-Serial1/0]shutdown
[H3C-Serial1/0]undo shutdown 
RB上配置chap
[H3C]interface Serial 1/0
[H3C-Serial1/0]link-protocol chap
[H3C-Serial1/0]ppp chap local-user RB password simple pwdpwd
[H3C-Serial1/0]ip address 10.1.1.1 255.255.255.252
[H3C-Serial1/0]shutdown
[H3C-Serial1/0]undo shutdown测试连通性
OK,这就是PPP协议的简单配置了
扫一扫
1696
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
