PAP的单向验证:
基本配置:
R1:
[R1]sys R1
[R1]local-user R1 class network
[R1-luser-network-R1]password simple 123
[R1-luser-network-R1]service-type ppp
[R1-luser-network-R1]qui
[R1]int s1/0
[R1-Serial1/0]link-protocol ppp
[R1-Serial1/0]ip add 1.1.1.1 8
[R1-Serial1/0]un sh
[R1-Serial1/0]qui
[R1]domain R1
[R1-isp-r1]authentication ppp local
[R1-isp-r1]qui
R2:
<H3C>sys
System View: return to User View with Ctrl+Z.
[H3C]sys R2
[R2]int s1/0
[R2-Serial1/0]ip add 1.1.1.2 8
[R2-Serial1/0]un sh
[R2-Serial1/0]link-protocol ppp
[R2-Serial1/0]ppp pap local-user R1 password simple 123
[R2-Serial1/0]qui
验证PPP协议是成功的:
[R2]dis int s1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet Address is 1.1.1.2/8 Primary
Link layer protocol: PPP
LCP: opened, IPCP: opened
Output queue - Urgent queuing: Size/Length/Discards 0/100/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 5 minutes 48 seconds
Last clearing of counters: Never
检查连通性:
[R1]ping 1.1.1.2
Ping 1.1.1.2 (1.1.1.2): 56 data bytes, press CTRL_C to break
56 bytes from 1.1.1.2: icmp_seq=0 ttl=255 time=1.789 ms
56 bytes from 1.1.1.2: icmp_seq=1 ttl=255 time=1.254 ms
56 bytes from 1.1.1.2: icmp_seq=2 ttl=255 time=1.148 ms
56 bytes from 1.1.1.2: icmp_seq=3 ttl=255 time=1.163 ms
56 bytes from 1.1.1.2: icmp_seq=4 ttl=255 time=1.155 ms
--- Ping statistics for 1.1.1.2 ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.148/1.302/1.789/0.247 ms
5 packets received
PAP的双向认证:
R1:
[R1]sys R1
[R1]local-user R2 class network
New local user added.
[R1-luser-network-R2]password simple 123
[R1-luser-network-R2]service-type ppp
[R1-luser-network-R2]qui
[R1]int s1/0
[R1-Serial1/0]ip add 1.1.1.1 8
[R1-Serial1/0]un sh
[R1-Serial1/0]link-protocol ppp
[R1-Serial1/0]ppp authentication-mode pap domain system
[R1-Serial1/0]ppp pap local-user R2 password simple 123
[R1-Serial1/0]quit
[R1]domain system
[R1-isp-system]authentication ppp local
[R1-isp-system]quit
R2:
[R2]sys R2
[R2]local-user R1 class network
New local user added.
[R2-luser-network-R1]password simple 123
[R2-luser-network-R1]service-type ppp
[R2-luser-network-R1]quit
[R2]int s1/0
[R2-Serial1/0]ip add 1.1.1.2 8
[R2-Serial1/0]un sh
[R2-Serial1/0]link-protocol ppp
[R2-Serial1/0]ppp authentication-mode pap domain system
[R2-Serial1/0]ppp pap local-user R1 password simple 123
[R2-Serial1/0]quit
[R2]domain system
[R2-isp-system]authentication ppp local
[R2-isp-system]qui
检查PPP是否建立成功:
[R1]dis int s1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet Address is 1.1.1.1/8 Primary
Link layer protocol: PPP
LCP: opened, IPCP: opened
Output queue - Urgent queuing: Size/Length/Discards 0/100/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 9 minutes 26 seconds
Last clearing of counters: Never
检查连通性如何:
[R1]ping 1.1.1.2
Ping 1.1.1.2 (1.1.1.2): 56 data bytes, press CTRL_C to break
56 bytes from 1.1.1.2: icmp_seq=0 ttl=255 time=1.472 ms
56 bytes from 1.1.1.2: icmp_seq=1 ttl=255 time=0.970 ms
56 bytes from 1.1.1.2: icmp_seq=2 ttl=255 time=0.986 ms
56 bytes from 1.1.1.2: icmp_seq=3 ttl=255 time=1.092 ms
56 bytes from 1.1.1.2: icmp_seq=4 ttl=255 time=0.942 ms
--- Ping statistics for 1.1.1.2 ---
5 packets transmitted, 5 packets received,
这样以来。PAP的双向认证就确认建立完成了。
PPP CHAP 的双向认证:
验证方有用户名时的基本配置:
R1:
[H3C]sys R1
[R1]local-user R2 class network
New local user added.
[R1-luser-network-R2]service-type ppp
[R1-luser-network-R2]password simple 123
[R1-luser-network-R2]quit
[R1]int s1/0
[R1-Serial1/0]link-protocol ppp
[R1-Serial1/0]ip add 1.1.1.1 8
[R1-Serial1/0]un sh
[R1-Serial1/0]ppp authentication chap domain system
[R1-Serial1/0]ppp authentication chap domain system
[R1-Serial1/0]ppp chap user R1
[R1-Serial1/0]qui
[R1]domain system
[R1-isp-system]authentication ppp local
[R1-isp-system]qui
R2:
[H3C]sys R2
[R2]local-user R1 class network
New local user added.
[R2-luser-network-R1]service-type ppp
[R2-luser-network-R1]password simple 123
[R2-luser-network-R1]qui
[R2]int s1/0
[R2-Serial1/0]ip add 1.1.1.2 8
[R2-Serial1/0]un sh
[R2-Serial1/0]link-protocol ppp
[R2-Serial1/0]ppp authentication chap
[R2-Serial1/0]ppp chap user R2
[R2-Serial1/0]qui
查看PPP协议是否建立成功:
[R1]dis int s1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet Address is 1.1.1.1/8 Primary
Link layer protocol: PPP
LCP: opened, IPCP: opened
Output queue - Urgent queuing: Size/Length/Discards 0/100/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 7 minutes 32 seconds
Last clearing of counters: Never
检测;连通性:
[R1]ping 1.1.1.2
Ping 1.1.1.2 (1.1.1.2): 56 data bytes, press CTRL_C to break
56 bytes from 1.1.1.2: icmp_seq=0 ttl=255 time=1.411 ms
56 bytes from 1.1.1.2: icmp_seq=1 ttl=255 time=1.225 ms
56 bytes from 1.1.1.2: icmp_seq=2 ttl=255 time=1.204 ms
56 bytes from 1.1.1.2: icmp_seq=3 ttl=255 time=1.158 ms
56 bytes from 1.1.1.2: icmp_seq=4 ttl=255 time=1.169 ms
--- Ping statistics for 1.1.1.2 ---
5 packets transmitted, 5 packets received,
验证方没有用户名时的基本配置:
[H3C]sys R1
[R1]local-user R2 class network
New local user added.
[R1-luser-network-R2]password simple 123
[R1-luser-network-R2]service-type ppp
[R1-luser-network-R2]qui
[R1]int s1/0
[R1-Serial1/0]ip add 1.1.1.1 8
[R1-Serial1/0]un sh
[R1-Serial1/0]ppp authentication chap domain system
[R1-Serial1/0]qui
[R1]domain system
[R1-isp-system]authentication ppp local
[R1-isp-system]qui
R2:
[H3C]sys R2
[R2]int s1/0
[R2-Serial1/0]ppp chap user R2
[R2-Serial1/0]ppp chap password simple 123
[R2-Serial1/0]ip add 1.1.1.2 8
[R2-Serial1/0]un sh
[R2-Serial1/0]qui
检查PPP协议是否确定建立成功:
[R2]dis int s1/0
Serial1/0
Current state: UP
Line protocol state: UP
Description: Serial1/0 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 1500
Hold timer: 10 seconds, retry times: 5
Internet Address is 1.1.1.2/8 Primary
Link layer protocol: PPP
LCP: opened, IPCP: opened
Output queue - Urgent queuing: Size/Length/Discards 0/100/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last link flapping: 0 hours 5 minutes 33 seconds
Last clearing of counters: Never
检查连通性如何:
[R2]ping 1.1.1.1
Ping 1.1.1.1 (1.1.1.1): 56 data bytes, press CTRL_C to break
56 bytes from 1.1.1.1: icmp_seq=0 ttl=255 time=1.000 ms
56 bytes from 1.1.1.1: icmp_seq=1 ttl=255 time=1.000 ms
56 bytes from 1.1.1.1: icmp_seq=2 ttl=255 time=0.000 ms
56 bytes from 1.1.1.1: icmp_seq=3 ttl=255 time=1.000 ms
56 bytes from 1.1.1.1: icmp_seq=4 ttl=255 time=1.000 ms
--- Ping statistics for 1.1.1.1 ---
5 packets transmitted, 5 packets received,
到此为止,确立PPP协议意见建立成功,并且链路线通行良好