Lab topology:
 
 
PPP configuration in detail: CHAP authentication
 
 
 
Lab objectives:
 
 
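1. Connect the topology as the lab requires
2. Configure PPP and CHAP authentication between ROUTER1 and ROUTER2
3. Configure PPP and multilink between ROUTER2 and ROUTER3
4. Configure PAP authentication between ROUTER2 and ROUTER3 (bidirectional)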
 
 
Lab environment:
 
 
Configure the three routers with PPP so that the hosts on both sides can reach each other.
 
 
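Background:
 
     1> Overview of PPP
 
     The data-link-layer protocols used for WAN connections include Frame Relay, PPP and ATM, of which PPP is the most widely used. PPP is short for "Point to Point Protocol". PPP and the protocols derived from it, such as PPPoE and PPPoA, have become the most widely used data-link-layer protocols for WAN connections and broadband access.
 
     2> How PPP works
 
     PPP provides a standard method for transporting multi-protocol packets over point-to-point links. It was designed to carry data between two nodes over a simple link, giving all kinds of hosts and networks a general-purpose interconnection solution.
 
 
     3> PPP authentication methods
 
     PAP (Password Authentication Protocol) is a two-way handshake authentication protocol. Transmission is in plaintext: the username and password are sent to the other side in the clear.
 
     CHAP (Challenge Handshake Authentication Protocol) is a three-way handshake authentication protocol. It transmits only the username over the network and never the password, so it is more secure than PAP.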
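
The three-way handshake described above, as an added Python example (not part of the original lab): r1 acts as authenticator and r2 as peer, with the response computed as in CHAP with MD5 (RFC 1994). The class and function names are hypothetical; the hostnames and the shared secret 111111 are the ones this lab configures with "username ... password".

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): MD5(Identifier || secret || Challenge value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """Side that issues the challenge (the role r1 plays in this lab)."""

    def __init__(self, name: str, users: dict):
        self.name = name
        self.users = users      # peer hostname -> shared secret
        self.pending = {}       # identifier -> outstanding challenge value
        self.next_id = 0

    def challenge(self):
        # Message 1: Challenge(identifier, random value, our hostname)
        self.next_id = (self.next_id + 1) % 256
        self.pending[self.next_id] = os.urandom(16)
        return self.next_id, self.pending[self.next_id], self.name

    def verify(self, identifier: int, peer_name: str, response: bytes) -> bool:
        # Message 3: Success or Failure. A challenge is consumed on first use,
        # so a previously seen response is rejected if it is presented again.
        value = self.pending.pop(identifier, None)
        secret = self.users.get(peer_name)
        if value is None or secret is None:
            return False
        return hmac.compare_digest(chap_response(identifier, secret, value), response)

class Peer:
    """Side being authenticated (the role r2 plays in this lab)."""

    def __init__(self, name: str, users: dict):
        self.name = name
        self.users = users      # authenticator hostname -> shared secret

    def respond(self, identifier: int, value: bytes, auth_name: str):
        # Message 2: Response(identifier, our hostname, hash).
        # Only the hostname and the hash cross the link, never the secret.
        return identifier, self.name, chap_response(identifier, self.users[auth_name], value)

def run_exchange(auth: Authenticator, peer: Peer):
    """Run one three-way handshake; return (accepted, the Response message)."""
    ident, value, auth_name = auth.challenge()
    message = peer.respond(ident, value, auth_name)
    return auth.verify(*message), message

if __name__ == "__main__":
    r1 = Authenticator("r1", {"r2": b"111111"})   # r1: username r2 password 111111
    r2 = Peer("r2", {"r1": b"111111"})            # r2: username r1 password 111111
    print("accepted:", run_exchange(r1, r2)[0])
```

The link comes up only when both routers hold the same secret under each other's hostname, which is why the lab's username entries must name the peer router and carry identical passwords.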
 
 
Changes to the lab topology:
 
 
For VS1/VS2 I used the virtual PCs PC1/PC2 here; R1 is the CHAP authenticator.
 
Router1 S0/0  <---->    Router2 S0/3
Router1 F1/0  <---->    VPCS V0/1
Router2 S0/1  <---->    Router3 S0/1
Router2 S0/2  <---->    Router3 S0/2
Router3 F1/0  <---->    VPCS V0/2
 
Lab steps:
 
 
1. Build the environment.
 
2. CHAP configuration:

R1 configuration.
 
r1(config)#in f1/0                                     <-- port connected to PC1
r1(config-if)#ip add 192.168.3.1 255.255.255.0
r1(config-if)#no sh
r1(config-if)#exit
 
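r1(config)#username r2 password 111111                 <-- the username is the peer router's hostname; the password is the same on both ends
r1(config)#in s0/0                                     <-- enter interface S0/0
r1(config-if)#ip add 192.168.1.1 255.255.255.0
r1(config-if)#encapsulation ppp                        <-- PPP encapsulation on the interface
r1(config-if)#ppp authentication chap                  <-- enable CHAP authentication
r1(config-if)#peer default ip address 192.168.1.3      <-- address negotiated for the peer: 192.168.1.3
r1(config-if)#clock rate 64000                         <-- DCE synchronous clock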
r1(config-if)#no sh
 
r1#show ip in br
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  192.168.1.1     YES manual up                    down   
Serial0/1                  unassigned      YES unset  administratively down down   
Serial0/2                  unassigned      YES unset  administratively down down   
Serial0/3                  unassigned      YES unset  administratively down down   
FastEthernet1/0            192.168.3.1     YES manual up                    up     
 
r1#show interfaces s0/0
Serial0/0 is up, line protocol is down
  Hardware is M4T
  Internet address is 192.168.1.1/24
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Listen, crc 16, loopback not set
  Keepalive set (10 sec)
  Restart-Delay is 0 secs
  Last input 00:24:36, output 00:00:24, output hang never
  Last clearing of "show interface" counters 00:12:13
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/1/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1158 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     20 packets output, 380 bytes, 0 underruns
     0 output errors, 0 collisions, 4 interface resets
     0 output buffer failures, 0 output buffers swapped out
     4 carrier transitions     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
 
R2 configuration
r2(config)#username r1 password 111111                 <-- the username is the peer router's hostname; the password is the same on both ends
r2(config)#in s0/3
r2(config-if)#encapsulation ppp
r2(config-if)#ip add 192.168.1.2 255.255.255.0
r2(config-if)#no sh
 
r2(config)#do show ip in br
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES TFTP   administratively down down   
Serial0/1                  unassigned      YES unset  administratively down down   
Serial0/2                  unassigned      YES unset  administratively down down   
Serial0/3                  192.168.1.2     YES manual up                    up     
 
r2(config)#in s0/3
r2(config-if)#encapsulation ppp
r2(config-if)#ip address negotiated                    <-- IP address negotiation
r2(config-if)#ppp authentication chap                  <-- enable CHAP authentication
r2(config-if)#no sh
r2#show ip in br
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES manual administratively down down   
Serial0/1                  unassigned      YES unset  administratively down down   
Serial0/2                  unassigned      YES unset  administratively down down   
Serial0/3                  192.168.1.3     YES IPCP   up                    up     
 
r2(config)#in s0/3
r2(config-if)#no encapsulation ppp                     <-- test how the IP address changes after PPP is turned off
r2(config-if)#exit
 
r2#show ip in br
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES manual administratively down down   
Serial0/1                  unassigned      YES unset  administratively down down   
Serial0/2                  unassigned      YES unset  administratively down down   
Serial0/3                  unassigned      YES IPCP   up                    up      
    
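Analysis: once IP address negotiation is configured, the IP address originally on the interface is removed. After the PPP connection is established, the peer assigns an IP address. If PPP is terminated, the assigned IP address is removed and the interface returns to having no IP address.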

r1#show ip in br   
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  192.168.1.1     YES manual up                    up     
Serial0/1                  unassigned      YES unset  administratively down down   
Serial0/2                  unassigned      YES unset  administratively down down   
Serial0/3                  unassigned      YES unset  administratively down down   
FastEthernet1/0            192.168.3.1     YES manual up                    up     
 
r2#show interfaces s0/3
Serial0/3 is up, line protocol is up
  Hardware is M4T
  Internet address is 192.168.1.3/32
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open
  Open: IPCP, CDPCP, crc 16, loopback not set
  Keepalive set (10 sec)
  Last input 00:00:51, output 00:00:01, output hang never
  Last clearing of "show interface" counters 00:11:06
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/1/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1158 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     180 packets input, 9726 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     176 packets output, 8681 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 output buffer failures, 0 output buffers swapped out
     1 carrier transitions     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up

r1#show interfaces s0/0
Serial0/0 is up, line protocol is up      <-- clearly different from the first output: line protocol is up
  Hardware is M4T
  Internet address is 192.168.1.1/24
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open       <-- clearly different from the first output: LCP Open
  Open: IPCP, CDPCP, crc 16, loopback not set
  Keepalive set (10 sec)
  Restart-Delay is 0 secs
  Last input 00:00:13, output 00:00:07, output hang never
  Last clearing of "show interface" counters 01:06:31
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/1/256 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 1158 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     423 packets input, 21095 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     808 packets output, 30300 bytes, 0 underruns
     0 output errors, 0 collisions, 43 interface resets
     0 output buffer failures, 0 output buffers swapped out
     43 carrier transitions     DCD=up  DSR=up  DTR=up  RTS=up  CTS=up
 
Connectivity test
 
r2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/91/128 ms
r1#ping 192.168.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/60/120 ms
3. PAP authentication configuration (bidirectional):
 
Bundling the two links
r2(config)#in multilink 10                             <-- create multilink interface 10 (the number)
r2(config-if)#ip add 192.168.2.1 255.255.255.0
r2(config-if)#ppp multilink
r2(config-if)#ppp multilink group 10
 
r2(config)#in s0/1
r2(config-if)#encapsulation ppp
r2(config-if)#no ip address
r2(config-if)#serial restart-delay 0
r2(config-if)#ppp multilink
r2(config-if)#ppp multilink group 10
r2(config-if)#no sh

r2(config)#in s0/2
r2(config-if)#encapsulation ppp
r2(config-if)#no ip address
r2(config-if)#serial restart-delay 0
r2(config-if)#ppp multilink
r2(config-if)#ppp multilink group 10
r2(config-if)#no sh

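Analysis:
     serial restart-delay sets the restart delay: 0 means no restart, and a value greater than 0 (for example 30) means the router is restarted after 30 seconds. The default is normally 0 and is changed only in special cases.

     PPP Multilink (MP) is an extension of PPP (the Point-to-Point Protocol) that can bundle two or more synchronous parallel links. The resulting virtual link has a bandwidth equal to the sum of the bandwidths of the individual links.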
 
r2#show ip in br
Interface                IP-Address      OK? Method Status                Protocol
Serial0/0                unassigned      YES TFTP   up                    down   
Serial0/1                unassigned      YES unset    up                    down   
Serial0/2                unassigned      YES manual  up                    down   
Serial0/3                192.168.1.2     YES IPCP     up                    up     
Multilink10              192.168.2.1     YES manual  down                  down   

r3(config)#in multilink 10
r3(config-if)#ip add 192.168.2.2 255.255.255.0
r3(config-if)#ppp multilink
r3(config-if)#ppp multilink group 10
r3(config-if)#no sh
r3(config)#in s0/1
r3(config-if)#encapsulation ppp
r3(config-if)#no ip address
r3(config-if)#serial restart-delay 0
r3(config-if)#ppp multilink
r3(config-if)#ppp multilink group 10
r3(config-if)#no sh
r3(config-if)#exit
 
r3(config)#in s0/2
r3(config-if)#encapsulation ppp
r3(config-if)#no ip add
r3(config-if)#serial restart-delay 0
r3(config-if)#ppp multilink
r3(config-if)#ppp multilink group 10
r3(config-if)#no sh
r3#show ip in br
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES unset  administratively down down   
Serial0/1                  unassigned      YES manual up                    up     
Serial0/2                  unassigned      YES manual up                    up     
Serial0/3                  unassigned      YES unset  administratively down down   
FastEthernet1/0            unassigned      YES unset  administratively down down   
Multilink10                192.168.2.2     YES manual up                    up     

r2#show ip in br              
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  unassigned      YES TFTP   up                    down   
Serial0/1                  unassigned      YES unset  up                    up     
Serial0/2                  unassigned      YES manual up                    up     
Serial0/3                  192.168.1.2     YES IPCP   up                    up     
Multilink10                192.168.2.1     YES manual up                    up     
r2#show interfaces multilink 10
Multilink10 is up, line protocol is up
  Hardware is multilink group interface
  Internet address is 192.168.2.1/24
  MTU 1500 bytes, BW 3088 Kbit, DLY 100000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open, multilink Open
  Open: IPCP, CDPCP, loopback not set
  Keepalive set (10 sec)
  DTR is pulsed for 2 seconds on reset
  Last input 00:00:29, output never, output hang never
  Last clearing of "show interface" counters 00:25:36
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     37 packets input, 6141 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     38 packets output, 6758 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions
r3#show interfaces multilink 10
Multilink10 is up, line protocol is up
  Hardware is multilink group interface
  Internet address is 192.168.2.2/24
  MTU 1500 bytes, BW 3088 Kbit, DLY 100000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open, multilink Open
  Open: IPCP, CDPCP, loopback not set
  Keepalive set (10 sec)
  DTR is pulsed for 2 seconds on reset
  Last input 00:00:41, output never, output hang never
  Last clearing of "show interface" counters 00:14:16
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     37 packets input, 6614 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     38 packets output, 6898 bytes, 0 underruns
     0 output errors, 0 collisions, 1 interface resets
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions

One-way authentication, with R2 as the authenticator
 
r2(config)#username benet password 1234
r2(config)#in multilink 10
r2(config-if)#ppp authentication pap
r2(config-if)#no sh
*Mar  1 00:50:17.027: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
*Mar  1 00:50:17.031: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/2, changed state to down
*Mar  1 00:50:17.055: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink10, changed state to down
 
Analysis: the state shown above occurs because the peer has not been configured for PAP, so the interfaces go down.

r3(config)#in multilink 10
r3(config-if)#ppp pap sent-username benet password 1234
r3(config-if)#no sh
*Mar  1 00:51:35.983: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
*Mar  1 00:51:35.995: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink10, changed state to up
*Mar  1 00:51:36.007: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/2, changed state to up
r3(config-if)#no sh
r3(config-if)#exit
*Mar  1 00:51:35.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
*Mar  1 00:51:35.087: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink10, changed state to up
*Mar  1 00:51:35.095: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/2, changed state to up
 
Analysis: once the PAP username and password are configured on the peer, the interfaces on both sides come up.
 
r2#ping 192.168.2.1
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/102/216 ms
r2#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/55/136 ms

r3#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/74/156 ms
r3#
 
Bidirectional authentication, with R3 as the authenticator
 
r3(config)#username be password 123
r3(config)#in multilink 10
r3(config-if)#ppp authentication pap
*Mar  1 01:13:12.227: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
*Mar  1 01:13:12.227: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/2, changed state to down
*Mar  1 01:13:12.243: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink10, changed state to down
r3(config-if)#no sh
r3(config-if)#exit
 
r2(config)#in multilink 10
r2(config-if)#ppp pap sent-username be password 123
r3#
*Mar  1 01:14:03.771: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink10, changed state to up
r3#
*Mar  1 01:14:04.027: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
*Mar  1 01:14:04.143: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/2, changed state to up
   
r2
*Mar  1 01:14:03.071: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up
*Mar  1 01:14:03.083: %LINEPROTO-5-UPDOWN: Line protocol on Interface Multilink10, changed state to up
*Mar  1 01:14:03.311: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/2, changed state to up

r2#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/72/120 ms
r2#
r3#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/67/136 ms
r3#
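
An added example, not part of the original lab: a small Python audit that scans a configuration like r2's for the settings this section introduces, flagging interfaces that accept PAP and credentials stored in cleartext. The function name, the 8-character minimum (MIN_LEN) and the sample text, assembled from the r2 commands above, are assumptions made for the example.

```python
import re

MIN_LEN = 8  # assumed local policy threshold, not an IOS default

# Constructed sample: the r2 commands from this lab as they would sit in a config file.
SAMPLE = """\
hostname r2
username r1 password 111111
username benet password 1234
interface Serial0/3
 encapsulation ppp
 ppp authentication chap
interface Multilink10
 ip address 192.168.2.1 255.255.255.0
 ppp authentication pap
 ppp pap sent-username be password 123
 ppp multilink
 ppp multilink group 10
"""

# "password <value>" or "password <type> <value>"; type 0 or no type means cleartext
CRED = re.compile(r"(?:username \S+|ppp pap sent-username \S+) password (?:(\d) )?(\S+)$")

def audit(config: str):
    """Return (line_no, context, finding) for each weak PPP authentication setting."""
    findings, context = [], "global"
    for no, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if not raw[:1].isspace():                 # unindented line leaves interface mode
            m = re.match(r"interface\s+(\S+)", line)
            context = m.group(1) if m else "global"
        m = re.match(r"ppp authentication\s+(.+)", line)
        if m and "pap" in m.group(1).split():
            findings.append((no, context,
                             "PAP accepted: username and password cross the link in plaintext"))
        m = CRED.match(line)
        if m and m.group(1) in (None, "0"):
            note = "cleartext password in config"
            if len(m.group(2)) < MIN_LEN:
                note += f", shorter than {MIN_LEN} characters"
            findings.append((no, context, note))
    return findings

if __name__ == "__main__":
    for no, context, finding in audit(SAMPLE):
        print(f"line {no} [{context}]: {finding}")
```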