Lab B.3.2: PAP Authentication - 700 Series Router - IOS Router

Objectives:

  • Configure a Cisco 700 series router to dial an IOS router using PPP encapsulation and authenticate with PAP.

Scenario:

Configure a Cisco 700 series router to dial an IOS router using PPP encapsulation and authenticate with PAP.

Notes: 

Lab Tasks:

  1. Cable the lab as shown in the diagram.
  2. Configure the Cisco 700 series router. You may need to do a set default command to erase the existing configuration on the router.

    Set the hostname of the router:

    >set system BranchRouter

    Set the ISDN switch type and the SPIDs:

    BranchRouter>set switch ni-1

    BranchRouter>set 1 spid 51055512340001
    BranchRouter>set 2 spid 51055512350001
    BranchRouter>encapsulation ppp

    Set the Ethernet port settings:

    BranchRouter>cd lan
    BranchRouter:LAN>set ip address 192.168.1.1
    BranchRouter:LAN>set ip netmask 255.255.255.0
    BranchRouter:LAN>set ip routing on
    BranchRouter:LAN>set bridging off
    BranchRouter:LAN>cd

    Create and set the parameters for the central router profile:

    BranchRouter>set user CentralRouter
    BranchRouter:CentralRouter>set number 5554000
    BranchRouter:CentralRouter>set ip address 192.168.3.1
    BranchRouter:CentralRouter>set ip netmask 255.255.255.0
    BranchRouter:CentralRouter>set ip routing on
    BranchRouter:CentralRouter>set ip route dest 0.0.0.0/0 gateway 192.168.3.2
    BranchRouter:CentralRouter>set bridging off
    BranchRouter:CentralRouter>cd

    Set the PPP authentication to PAP and set the client password:

    BranchRouter>set ppp authentication out pap
    BranchRouter>set ppp authentication in pap

    BranchRouter>set ppp password client
    Enter net Password: phoenix
    Re-Type new Password: phoenix

    Set the host password:

    BranchRouter>cd CentralRouter
    BranchRouter:CentralRouter>set ppp password host
    Enter net Password: phoenix
    Re-Type new Password: phoenix
    BranchRouter:CentralRouter>cd

    Set CentralRouter as your active profile:

    BranchRouter>set active CentralRouter

  3. Configure the central site IOS router to accept in coming PPP calls and force CHAP authentication.

    CentralRouter(config)#username BranchRouter password phoenix
    CentralRouter(config)#interface BRI0/0
    CentralRouter(config-if)#ip address 192.168.3.2 255.255.255.0
    CentralRouter(config-if)#encapsulation ppp
    CentralRouter(config-if)#dialer map ip 192.168.3.1 name BranchRouter 5551234
    CentralRouter(config-if)#dialer-group 1
    CentralRouter(config-if)#isdn switch-type basic-ni
    CentralRouter(config-if)#isdn spid1 51055540000001 5554000
    CentralRouter(config-if)#isdn spid2 51055540010001 5554001
    CentralRouter(config-if)#ppp authentication pap
    CentralRouter(config-if)#ppp pap sent-username CentralRouter password phoenix
    CentralRouter(config)#dialer-list 1 protocol ip permit

  4. Configure a static route to the Ethernet network connected to the 700 series branch router.

    CentralRouter(config)#ip route 192.168.1.0 255.255.255.0 192.168.3.1
  5. Ping the central router Ethernet interface from the branch router. This should trigger a DDR call. You should see it connect and authenticate properly.

BranchRouter> ping 192.168.2.1
Start sending: 01/01/1995 00:00:12 L05 0 5554000 Outgoing Call Initiated
BranchRouter> 01/01/1995 00:00:12 L08 1 5554000 Call Connected
BranchRouter> 01/01/1995 00:00:13 Connection 2 Add Link 1 Channel 1
BranchRouter> round trip time is 1770 msec.