Lab 3.2.3: Configuring PPP with PAP authentication

Objectives:

  • Increase security of your dialin core router by adding PAP authentication.

Scenario:

The Atlanta Bread Company is reviewing security policies and it has been noted that there is no authentication on the core router. You will configure PAP authentication between the Atlanta core router and the Macon remote office.

Notes: 

Lab Tasks:

  1. Use your configurations from the previous lab. Log into the Atlanta router and enter global configuration mode.
  2. Configure the serial interface for pap authentication. The commands to configure the serial interface are:

    Atlanta(config)#interface serial 0/1
    Atlanta(config-if)#ppp authentication pap
    Atlanta(config-if)#ppp pap sent-username atlanta password 0 atlantaisgreat
    Atlanta(config-if)#username macon password maconisgreat

  3. Write the configuration to memory.

Below is a brief description of each of the above commands:

PPP authentication pap  Requires dialin hosts to use pap authentication
PPP sent-username and password PAP is two-way authentication between routers
Username and Password  This is the username and password of dialin users
  1. Log into the Macon router and enter global configuration mode.
  2. Configure the serial interface for PAP authentication. The commands to configure the serial interface are:

    Macon(config)#interface serial 0/1
    Macon(config-if)#ppp authentication pap
    Macon(config-if)#ppp pap sent-username macon password 0 maconisgreat
    Macon(config-if)#username atlanta password atlantaisgreat
    Macon(config-if)#logging console

  3. Write the configuration to memory.
  4. Turn off both modems. The modems may not get past the LCP negotiation process unless they were powered off and then on. Don't forget to turn the modems back on.
  5. Issue the following two debug commands to monitor the LCP negotiation and password authentication process.

    Macon#debug ppp authentication
    Macon#debug ppp negotiation

  6. From the Macon router issue the following command:

Macon#ping 172.16.0.1

Record your findings about the PPP negotiation process below:

  1. Save your configurations and turn off all debugging.

Congratulations! You now have clear text authentication setup on your Atlanta core router and the Macon router.