dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1916

KaylaIT
FTTB
Premium Member
join:2012-07-26
Calgary, AB

1 edit

KaylaIT

Premium Member

Problems with PPP and Cisco

Hi

I am having a problem with my Cisco router and PPP, I cannot get it to authenticate. The problem is that I am receiving a CHAP challenge from the server and it rejects any negotiations for PAP. Has anyone seen this before? I can confirm that my laptop and Zyxel 1432 can authenticate properly. If anyone can provide the LCP negotiation from wireshark it would be much appriciated.

EDIT: I am in Calgary but any info from the east is welcomed.

Randal
sgtux
join:2012-07-14

sgtux

Member

I'm running Cisco 1921 router bonding 2 VDSL lines (MLPPP). I've never seen any problems with PPP authentication. I'm in Toronto (GTA). Here is my Dialer interface configuration:

!
interface Dialer0
ip address negotiated
ip access-group 1 in
ip access-group 1 out
no ip redirects
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp pap sent-username [removed] password [removed]
ppp ipcp address accept
ppp multilink
ppp multilink fragment disable
no cdp enable
hold-queue 224 in
!

As you can see I don't configure PPP CHAP authentication at all.

spock8
join:2012-07-08

1 edit

spock8

Member

Here is mine running a 6meg connection out west running on a c2621

One thing I noticed is that for me to connect I had to add a chap and pap username and password. If I take the chap out it will not work. Odd but when doing a debug I found this.

Vi1 PPP: No authorization without authentication
Vi1 CHAP: I CHALLENGE id 140 len 46 from "VANCBC01AR08"
Vi1 CHAP: Using hostname from interface CHAP
CHAP: Using password from interface CHAP

googling "VANCBC01AR08" tells us it is a telus router in vancouver by the looks of it and it was asking for a chap username and password. Once it does that I was then asked for a PAP

interface FastEthernet0/0
description TEKSAVVY ISP
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable

interface Dialer1
description WAN - ISP - 700kbps up 5000kbps down
mtu 1477
bandwidth 700
ip address negotiated
no ip proxy-arp
ip nat outside
ip nbar protocol-discovery
encapsulation ppp
ip route-cache flow
no ip mroute-cache
dialer pool 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname "username"
ppp chap password "password"
ppp pap sent-username "username" password "password"
ppp ipcp dns request accept
ppp ipcp address accept
service-policy output QOS-VOIP

KaylaIT
FTTB
Premium Member
join:2012-07-26
Calgary, AB

KaylaIT

Premium Member

Hi Spock

Thanks for the info, adding CHAP to the dialer has resolved the issue. I have confirmed that the Telus Edge devices are sending a CHAP challenge first once there is a valid response then they start a PAP authentication.

Randal