Lab
3.2.3: Configuring PPP with PAP authentication
Objectives:
Increase security of your dialin core router by adding PAP
authentication.
Scenario:
The Atlanta Bread Company is reviewing security policies and it
has been noted that there is no authentication on the core router.
You will configure PAP authentication between the Atlanta core
router and the Macon remote office.
Notes:
Lab Tasks:
Use your configurations from the previous lab. Log into the
Atlanta router and enter global configuration mode.
Configure the serial interface for pap authentication. The
commands to configure the serial interface are:
Atlanta(config)#interface serial 0/1
Atlanta(config-if)#ppp authentication pap
Atlanta(config-if)#ppp pap sent-username atlanta password 0
atlantaisgreat
Atlanta(config-if)#username macon password maconisgreat
Write the configuration to memory.
Below is a brief description of each of the above commands:
PPP authentication pap
Requires dialin hosts to use pap authentication
PPP sent-username and password
PAP is two-way authentication between routers
Username and Password
This is the username and password of dialin users
Log into the Macon router and enter global configuration mode.
Configure the serial interface for PAP authentication. The
commands to configure the serial interface are:
Macon(config)#interface serial 0/1
Macon(config-if)#ppp authentication pap
Macon(config-if)#ppp pap sent-username macon password 0
maconisgreat
Macon(config-if)#username atlanta password atlantaisgreat
Macon(config-if)#logging console
Write the configuration to memory.
Turn off both modems. The modems may not get past the LCP
negotiation process unless they were powered off and then on.
Don't forget to turn the modems back on.
Issue the following two debug commands to monitor the LCP
negotiation and password authentication process.