One-way chap authentication configuration example, Network requirements, Configuration procedure – H3C Technologies H3C SR8800 User Manual

Page 44

[RouterB-Serial4/1/9/1:0] ppp authentication-mode pap domain system

# Configure the PAP username and password sent from Router B to Router A when Router B is

authenticated by Router A using PAP.

[RouterB-Serial4/1/9/1:0] ppp pap local-user userb password simple passb

# Assign an IP address to Serial 4/1/9/1:0.

[RouterB-Serial4/1/9/1:0] ip address 200.1.1.2 16

[RouterB-Serial4/1/9/1:0] quit

# Configure local authentication for the PPP users in the default ISP domain system.

[RouterB] domain system

[RouterB-isp-system] authentication ppp local

Verify the configuration:
Use the display interface command to display information about Serial 4/1/9/1:0 of Router B.
The physical layer status and link layer status of the interface are both up, and the states of LCP and

IPCP are both Opened, indicating that PPP negotiation is successful. Router A and Router B can

ping each other.

One-way CHAP authentication configuration example

Network requirements

As shown in

Figure 10

, configure Router A to authenticate Router B by using CHAP.

Configuration procedure

Approach I: The authenticator configured with a username authenticates the remote end using CHAP

Configure Router A:
# Create a user account for Router B.

system-view

[RouterA] local-user userb

# Set a password for the user account.

[RouterA-luser-userb] password simple hello

# Set the service type of the user account to PPP.

[RouterA-luser-userb] service-type ppp

[RouterA-luser-userb] quit

[RouterA] interface Serial 4/1/9/1:0

# Enable PPP encapsulation on interface Serial 4/1/9/1:0.

[RouterA-Serial4/1/9/1:0] link-protocol ppp

# Configure the username for Router A when Router A authenticates Router B.

[RouterA-Serial4/1/9/1:0] ppp chap user usera

# Set the authentication mode to CHAP.

[RouterA-Serial4/1/9/1:0] ppp authentication-mode chap domain system

# Assign an IP address to Serial 4/1/9/1:0.

[RouterA-Serial4/1/9/1:0] ip address 200.1.1.1 16

[RouterA-Serial4/1/9/1:0] quit

# Configure local authentication for the PPP users in the default ISP domain system.

[RouterA] domain system

[RouterA-isp-system] authentication ppp local

This manual is related to the following products:

H3C SR6600-X H3C SR6600 H3C MSR 5600 H3C MSR 50 H3C MSR 3600 H3C MSR 30 H3C MSR 2600 H3C MSR 20-2X[40] H3C MSR 20-1X H3C MSR 930 H3C MSR 900 H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C WX3000 Series Unified Switches H3C LSWM1WCM10 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module