1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Content</title>
<base target="_self">
</head>
<body background="../../images/bg.gif" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0" onLoad="window.focus();" link="#808080" vlink="#808080" alink="#808080">
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr>
<td bgcolor="#336666" width="18" valign="top">
<img border="0" src="../../images/content_lines.gif" width="16" height="25">
<img border="0" src="../../images/transdot.gif" width="2" height="1"></td>
<td bgcolor="#336666"><b><font face="Arial" size="2" color="#FFFFFF">3.2</font></b></td>
<td bgcolor="#336666"><img border="0" src="../../images/transdot.gif" width="10" height="1"></td>
<td bgcolor="#336666" width="100%"><strong>
<font face="Arial" size="2" color="#FFFFFF">PPP Authentication</font></strong></td>
<td width="9" bgcolor="#336666"> </td>
</tr>
<tr>
<td bgcolor="#669999" height="25" width="18"> </td>
<td bgcolor="#669999" height="25"><b>
<font face="Arial" size="2" color="#FFFFFF">3.2.5</font></b></td>
<td bgcolor="#669999"><img border="0" src="../../images/transdot.gif" width="10" height="1"></td>
<td bgcolor="#669999" height="25" width="100%">
<font size="2" color="#FFFFFF"><b><span style="font-family: Arial">Challenge
Handshake Authentication Protocol (CHAP)</span></b></font></td>
<td bgcolor="#669999" height="25" width="9"> </td>
</tr></table>
<table border="0" cellpadding="0" cellspacing="0" width="95%" bordercolor="#111111">
<tr>
<td width="15"></td>
<td>
<font face="Arial" size="2">
CHAP is used at the startup of a link and periodically verifies the
identity of the remote node using a three-way handshake. CHAP is
performed upon initial link establishment and is repeated during the
time the link is established.</font><p>
<font face="Arial" size="2">
After the PPP link establishment phase is complete, the local router
sends a "challenge" message to the remote node.
<img border="0" src="../../images/1.gif" align="absmiddle" width="12" height="12"> The remote
node responds with a value calculated using a one-way hash function,
which is typically Message Digest 5 (MD5). This response is based on
the password and challenge message.
<img border="0" src="../../images/2.gif" align="absmiddle" width="12" height="12"> The local
router checks the response against its own calculation of the expected
hash value. If the values match, the authentication is acknowledged,
otherwise the connection is immediately terminated.
<img border="0" src="../../images/3.gif" align="absmiddle" width="12" height="12"></font></p>
<p>
<font face="Arial" size="2">
CHAP provides protection against playback attack through the use of a
variable challenge value that is unique and unpredictable. Since the
challenge is unique and random, the resulting hash value will also be
unique and random. The use of repeated challenges is intended to limit
the time of exposure to any single attack. The local router or a
third-party authentication server is in control of the frequency and
timing of the challenges. </font> </p>
<TABLE bgcolor="#669999" width="95%" cellspacing="0" cellpadding="0" border="0">
<TR>
<TD width="5">
<img border="0" src="../../images/lab_toplft.gif" width="116" height="23"></TD>
<TD>
<IMG alt="" height="1" width="3" src="../../images/s.gif"></TD><TD align="right" valign="top">
<IMG alt="" src="../../images/corner_ur_7.gif" width="7" height="7"></TD>
</TR>
</TABLE>
<TABLE bgcolor="#B0AFAF" width="95%" cellspacing="0" cellpadding="0" border="0">
<TR>
<TD>
<TABLE width="100%" cellpadding="2" cellspacing="0" border="0" bordercolor="#111111">
<TR>
<TD bgcolor="#ffffff" width="15"> </TD>
<TD bgcolor="#ffffff"><font FACE="Arial" SIZE="2" COLOR="#000000">
<p><font color="#808080">
<a href="javascript:void(0)" onClick="window.open('../../elabs/mod03/elab_3_2_5/elab3_2_5.html','Interactivity','width=740,height=390,toolbar=0,resizable=yes,scrollbars=0,screenX=26,screenY=38,left=26,top=38');">
<img border="0" src="../../images/lab_icon.gif" width="25" height="25"><b></a>
<a href="javascript:void(0)" onClick="window.open('../../elabs/mod03/elab_3_2_5/elab3_2_5.html','Interactivity','width=740,height=390,toolbar=0,resizable=yes,scrollbars=0,screenX=26,screenY=38,left=26,top=38');">Lab Activity</a></b></font></p>
</font><font FACE="Arial" SIZE="2" COLOR="#808080">
<p>e-Lab Activity:
</font><font FACE="Courier New" SIZE="2" COLOR="#808080">
<b>ppp chap hostname </b> <i>hostname</i></p>
</font><font FACE="Arial" SIZE="2" COLOR="#808080">
<p>In this activity, the student will demonstrate how to use
the </font><font FACE="Courier New" SIZE="2" COLOR="#808080">
<b>ppp chap hostname </b> <i>hostname</i></font><font FACE="Arial" SIZE="2" COLOR="#808080">
command to create a pool of dialup routers.</p>
<font FACE="Arial" SIZE="2" COLOR="#000000">
<p></TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
<TABLE bgcolor="#B0AFAF" width="95%" border="0" cellspacing="0" cellpadding="0">
<TR>
<TD valign="top">
<TABLE bgcolor="#669999" width="100%" cellspacing="0" cellpadding="0" border="0">
<TR>
<TD width="5">
<img border="0" src="../../images/lab_toplft.gif" width="116" height="23"></TD>
<TD><IMG alt="" height="1" width="3" src="../../images/s.gif"></TD><TD align="right" valign="top">
<IMG alt="" src="../../images/corner_ur_7.gif" width="7" height="7"></TD>
</TR>
</TABLE>
<TABLE bgcolor="#B0AFAF" width="100%" cellspacing="0" cellpadding="0" border="0">
<TR>
<TD>
<TABLE width="100%" cellpadding="2" cellspacing="0" border="0" bordercolor="#111111">
<TR>
<TD bgcolor="#ffffff" width="15"> </TD>
<TD bgcolor="#ffffff"><font FACE="Arial" SIZE="2" COLOR="#000000">
<p><font color="#808080">
<img border="0" src="../../images/links_icon.gif" width="25" height="25">
<b>Web Links</b></font></p>
</font><font FACE="Arial" SIZE="2" COLOR="#808080">
<p>Understanding and Configuring PPP CHAP Authentication<p>
<a target="_blank" href="http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4131.shtml">
http://www.cisco.com/en/US/tech/tk713/</a><br>
<a target="_blank" href="http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4131.shtml">
tk507/technologies_tech_note09186a</a><br>
<a target="_blank" href="http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4131.shtml">
00800b4131.shtml</a></font></p>
<IMG alt="" height="2" width="1" src="../../images/s.gif"></TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE>
</TD>
</TR>
</TABLE><p>
<font face="Arial" size="2"> </font>
</td>
</tr>
</table>
</body>
</html>
|
