beautypg.com

Configuring port authentication, Chap-option, Chap-name – Verilink XEL XSP-100 SHARK IAP (9SA-USRS-9.0R1.02) Product Manual User Manual

Page 161: Chap-secret, Pap-option, Pap-name, Snmp settings, Configuring port authentication -45

background image

Chapter 6: Using the Command Line Interface (CLI)

SHARK™ IAD User’s Guide

XEL P/N & Release 9SA-USRS-9.0R1.02

Chapter 6-45

Configuring Port Authentication

Enter this node as shown:

(ROUTER ppp-setup tdm1 vcc1)>>
(ROUTER ppp-setup tdm1 vcc1)>> port-authentication
(ROUTER ppp-setup tdm1 vcc1 port-authentication)>>

You can use the following commands to specify how your SHARK™ IAD
should respond when it receives an authentication request from a remote peer.
The settings for port authentication on the local SHARK™ IAD must match
the authentication that is expected by the remote peer. For example, if the
remote peer requires CHAP authentication and it has a name and a CHAP
secret for the SHARK™ IAD, you must enable CHAP and specify the same
name and secret on the SHARK™ IAD before the link can be established.

chap-option

set chap-option { on | off }
Specifies whether CHAP authentication is enabled. By default, CHAP
authentication is turned off. CHAP authentication must be enabled before you
can enter other CHAP information. If CHAP is turned on, it will be the first
authentication method offered to the remote peer during link negotiation. If
you turn port authentication off and peer authentication on, the PPP software
still uses the port authentication chap-name and pap-name for authentication.
As a result, the port authentication names for PAP and CHAP must be
identical to the peer names for your SHARK™ IAD on the remote peer. If you
do not configure a chap-name or pap-name, then the authentication packets
sent by the local peer will have blank name values. This may cause
authentication to fail for some PPP implementations.

chap-name

set chap-name chap_name
Specifies the name the SHARK™ IAD sends in a CHAP response packet. The
chap_name argument is 1-32 alphanumeric characters. The information you
enter must match the CHAP username configured in the remote PPP peer's
authentication database.

chap-secret

set chap-secret secret Specifies the CHAP secret for CHAP authentication.
The secret argument is 1-32 alphanumeric characters. The information you
enter must match the CHAP secret used by the PPP peer.

pap-option

set pap-option { on | off }
Specifies whether PAP authentication is enabled for a port. By default, PAP
authentication is turned off. PAP authentication must be enabled before you
can enter other PAP information. If you disable PAP authentication and save
the modified configuration, your SHARK™ IAD retains its PAP setting.

pap-name

set pap-name pap_name
Specifies the name the SHARK™ IAD sends in a PAP response packet. The
pap_name argument is 1- 32 alphanumeric characters. The information you
enter must match the PAP username configured in the PPP peer's