BECKHOFF IPC-Security User Manual

Protocol

Value (Hex)

Information

PAP

0x00040000

Password for authentication is being transmitted in clear-text! In-
secure!

CHAP

0x00080000

Uses a random value, together with the password, for creating a
one-way hash value which is being transmitted to the server for
authentication.

MS-CHAP

0x00100000

This is Microsoft’s implementation of CHAP. It provides several
enhancements to standard CHAP.

MS-CHAP v2

0x00200000

This is version 2 of the MS-Chap protocol. It provides mutual
authentication between peers. This protocol should be used!

EAP

0x00400000

Developed by the IETF. Supports several authentication mech-
anisms like RADIUS, certificates, … . However, this usually im-
plies other software packages to be installed on the CE device
and is therefore disabled by default.

To prohibit more than one protocol, you need to interpret the hexadecimal value like a bitmask and add the
bit-wise values. For example:

Protocols to prohibit PAP, CHAP, MS-CHAP

PAP value binary 0000 0000 0000 0100 0000 0000 0000 0000

CHAP value binary 0000 0000 0000 1000 0000 0000 0000 0000

MS-CHAP value binary 0000 0000 0001 0000 0000 0000 0000 0000

Overall binary value (sum) 0000 0000 0001 1100 0000 0000 0000 0000

Hex value to configure 0x001C0000

The Flags attribute configures if the RAS Server should allow any of the following features. Any of these
features can be combined by setting the appropriate bitmask value (similar to the procedure from above).

Feature

Value
(Hex)

Information

Data Encryption

0x01

Requires data encryption, if set

Unauthenticated Access

0x02

Allows unauthenticated access, if set

Use of VJ header compression

0x04

Prevents the use, if set

Use data compression

0x08

Prevents the use, if set

Configure a modem connection

You can use a to the CE device attached modem for enabling incoming dial in connections. Therefore, the
resulting connection is a point-to-point communication via the telephone network.

46