© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.35-1 Establishing Serial Point-To-Point Connections Configuring Serial Point-To-Point Encapsulation.

Презентация:



Advertisements
Похожие презентации
© 2006 Cisco Systems, Inc. All rights reserved. ICND v Completing ISDN Calls Configuring ISDN BRI and PRI.
Advertisements

© 2006 Cisco Systems, Inc. All rights reserved.ISCW v Teleworker Connectivity Verifying Broadband ADSL Configurations.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Operating and Configuring Cisco IOS Devices Configuring a Router.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v Establishing Serial Point-To-Point Connections Configuring Frame Relay.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v BGP Overview Monitoring and Troubleshooting BGP.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Manipulating Routing Updates Implementing Advanced Cisco IOS Features: Configuring DHCP.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v Establishing Serial Point-To-Point Connections Introducing Wide-Area Networks.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Connecting to Remote Networks Using Dedicated Connections for WANs.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Building a Simple Serial Network Understanding the OSI Model.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Managing Your Network Environment Discovering Neighbors on the Network.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v BGP Overview Establishing BGP Sessions.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v Determining IP Routes Enabling RIP.
© 2006 Cisco Systems, Inc. All rights reserved. BSCI v Configuring OSPF Configuring OSPF Authentication.
© 2005 Cisco Systems, Inc. All rights reserved.INTRO v Operating and Configuring Cisco IOS Devices Starting a Switch.
© 2003, Cisco Systems, Inc. All rights reserved. CSPFA Chapter 9 Routing.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v Managing IP Traffic with ACLs Scaling the Network with NAT and PAT.
© 2006 Cisco Systems, Inc. All rights reserved. BCMSN v Implementing Inter-VLAN Routing Describing Routing Between VLANs.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v Frame-Mode MPLS Implementation on Cisco IOS Platforms Troubleshooting Frame-Mode MPLS on Cisco.
© 2005 Cisco Systems, Inc. All rights reserved. IPTX v Configuring Additional Cisco CallManager Express Features Configuring Cisco CallManager Express.
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v MPLS VPN Implementation Configuring VRF Tables.
Транксрипт:

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Establishing Serial Point-To-Point Connections Configuring Serial Point-To-Point Encapsulation

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Outline Overview HDLC Encapsulation Configuration PPP Layered Architecture PPP Configuration PPP Session Establishment PPP Authentication Protocols PPP Authentication Configuration Serial Encapsulation Configuration Verification PPP Authentication Configuration Troubleshooting Summary

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Supports only single-protocol environments HDLC Frame Format Uses a proprietary data field to support multiprotocol environments

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Router(config-if)# encapsulation hdlc Enables HDLC encapsulation Uses the default encapsulation on synchronous serial interfaces Configuring HDLC Encapsulation

© 2006 Cisco Systems, Inc. All rights reserved. ICND v PPP can carry packets from several protocol suites using NCP. PPP controls the setup of several link options using LCP. An Overview of PPP

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Layering PPP Elements PPP = Data link with network layer services

© 2006 Cisco Systems, Inc. All rights reserved. ICND v PPP LCP Configuration Options

© 2006 Cisco Systems, Inc. All rights reserved. ICND v PPP Session Establishment Two PPP authentication protocols: PAP and CHAP

© 2006 Cisco Systems, Inc. All rights reserved. ICND v PPP Authentication Protocols Passwords sent in clear text Peer in control of attempts

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Challenge Handshake Authentication Protocol Hash values, not actual passwords, are sent across the link. The local router or external server is in control of attempts.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Configuring PPP and Authentication Overview

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Router(config-if)# encapsulation ppp Enables PPP encapsulation Configuring PPP

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Router(config)# hostname name Assigns a host name to your router Router(config)# username name password password Identifies the username and password of remote router Configuring PPP Authentication

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Router(config-if)# ppp authentication {chap | chap pap | pap chap | pap} Enables PAP or CHAP authentication Configuring PPP Authentication (Cont.)

© 2006 Cisco Systems, Inc. All rights reserved. ICND v CHAP Configuration Example

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Router# show interface s0 Serial0 is up, line protocol is up Hardware is HD64570 Internet address is /24 MTU 1500 bytes, BW 1544 Kbit, DLY usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:05, output 00:00:05, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec packets input, bytes, 0 no buffer Received broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort packets output, bytes, 0 underruns 0 output errors, 0 collisions, 6045 interface resets 0 output buffer failures, 0 output buffers swapped out 482 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Verifying the HDLC and PPP Encapsulation Configuration

© 2006 Cisco Systems, Inc. All rights reserved. ICND v debug ppp authentication shows successful CHAP output. Verifying PPP Authentication

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Verifying PPP Negotiation Router# debug ppp negotiation PPP protocol negotiation debugging is on Router# *Mar 1 00:06:36.645: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up *Mar 1 00:06:36.661: BR0:1 PPP: Treating connection as a callin *Mar 1 00:06:36.665: BR0:1 PPP: Phase is ESTABLISHING, Passive Open *Mar 1 00:06:36.669: BR0:1 LCP: State is Listen *Mar 1 00:06:37.034: BR0:1 LCP: I CONFREQ [Listen] id 7 len 17 *Mar 1 00:06:37.038: BR0:1 LCP: AuthProto PAP (0x0304C023) *Mar 1 00:06:37.042: BR0:1 LCP: MagicNumber 0x507A214D (0x A214D) *Mar 1 00:06:37.046: BR0:1 LCP: Callback 0 (0x0D0300) *Mar 1 00:06:37.054: BR0:1 LCP: O CONFREQ [Listen] id 4 len 15 *Mar 1 00:06:37.058: BR0:1 LCP: AuthProto CHAP (0x0305C22305) *Mar 1 00:06:37.062: BR0:1 LCP: MagicNumber 0x1081E7E1 (0x E7E1) *Mar 1 00:06:37.066: BR0:1 LCP: O CONFREJ [Listen] id 7 len 7 *Mar 1 00:06:37.070: BR0:1 LCP: Callback 0 (0x0D0300) *Mar 1 00:06:37.098: BR0:1 LCP: I CONFACK [REQsent] id 4 len 15 *Mar 1 00:06:37.102: BR0:1 LCP: AuthProto CHAP (0x0305C22305) *Mar 1 00:06:37.106: BR0:1 LCP: MagicNumber 0x1081E7E1 (0x E7E1) *Mar 1 00:06:37.114: BR0:1 LCP: I CONFREQ [ACKrcvd] id 8 len 14 *Mar 1 00:06:37.117: BR0:1 LCP: AuthProto PAP (0x0304C023) *Mar 1 00:06:37.121: BR0:1 LCP: MagicNumber 0x507A214D (0x A214D)

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Summary The encapsulation hdlc interface configuration command can be used to specify HDLC encapsulation on the interface. PPP lower-level functions use synchronous and asynchronous physical media and ISDN. PPP higher-level functions carry packets from several network layer protocols using NCPs. Configurable aspects of PPP include methods of authentication, compression, and error detection and whether multilink is supported. PPP session establishment progresses through three phases: link establishment, authentication, and network layer protocol.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v Summary (Cont.) When configuring PPP authentication, you can select PAP or CHAP. CHAP provides protection from playback and repeated trial-and-error attacks. The encapsulation ppp command can be used to enable PPP, and the ppp authentication command can be used to authenticate PPP. The show interface command can be used to verify proper configuration of PPP encapsulation. The debug ppp authentication command displays the authentication exchange sequence and enables you to troubleshoot PPP.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v