authenticating both the peers - PPP

This is a discussion on authenticating both the peers - PPP ; Hi, I would like to authenticate both the peers. But when I configure the pppd options file with require-pap option on both sides, one of the peer (acting as a server) sends config-rej to the config-req packet with the pap ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: authenticating both the peers

  1. authenticating both the peers

    Hi,

    I would like to authenticate both the peers. But when I configure the
    pppd options file
    with require-pap option on both sides, one of the peer (acting as a
    server) sends config-rej to the config-req packet with the pap
    authentication option.

    the sequence is as follows from the peer acting as the server (not the
    actual log)

    recvd [config-req ]
    sent [config-req ]
    sent [config-rej ]

    What should I do?

    Thanks & Regards,
    Sriram K


  2. Re: authenticating both the peers

    "ksriram29@gmail.com" writes:
    > the sequence is as follows from the peer acting as the server (not the
    > actual log)
    >
    > recvd [config-req ]
    > sent [config-req ]
    > sent [config-rej ]
    >
    > What should I do?


    This means that on the system sending the Configure-Reject you don't
    have any local credentials that could be sent to the peer for
    authentication.

    Pppd will refuse to authenticate itself to the peer if there are no
    locally configured credentials.

    To configure credentials, you *may* need to set up a local user name
    via the "user" option, and you *must* set up information in the
    /etc/ppp/pap-secrets or /etc/ppp/chap-secrets files.

    For example, you could set up one node this way:

    pppd options:
    user peer-a

    /etc/ppp/pap-secrets:
    peer-b * "other password" *
    peer-a * "my password"

    And on the other node this way:

    pppd options:
    user peer-b

    /etc/ppp/pap-secrets:
    peer-a * "my password" *
    peer-b * "other password"

    Note the fourth field (the allowed IP addresses, specified as "*"
    here) in the entries used to authenticate the peer (when acting as
    authenticator). This is required. It is not required for the entries
    that are used as local credentials (when acting as an authenticatee).

    There are many other ways to set something like this up. See the man
    page for details.

    --
    James Carlson, KISS Network
    Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084
    MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677

  3. Re: authenticating both the peers

    "ksriram29@gmail.com" writes:

    >Hi,


    >I would like to authenticate both the peers. But when I configure the
    >pppd options file
    >with require-pap option on both sides, one of the peer (acting as a
    >server) sends config-rej to the config-req packet with the pap
    >authentication option.


    You forgot to tell it how to authenticate the far side. Hint
    /etc/ppp/chap-secrets.



    >the sequence is as follows from the peer acting as the server (not the
    >actual log)


    And why in the world would you post a made up log?


    >recvd [config-req ]
    >sent [config-req ]
    >sent [config-rej ]


    Set up your /etc/ppp/pap-secrets file.


    >What should I do?


    >Thanks & Regards,
    >Sriram K



  4. Re: authenticating both the peers

    Sorry for not posting the logs. I have successfully configured to
    authenticate both the peers.
    Thanks all of you. I will post with the logs here after.

    Thanks and Regards,
    Sriram K

    Unruh wrote:
    > "ksriram29@gmail.com" writes:
    >
    > >Hi,

    >
    > >I would like to authenticate both the peers. But when I configure the
    > >pppd options file
    > >with require-pap option on both sides, one of the peer (acting as a
    > >server) sends config-rej to the config-req packet with the pap
    > >authentication option.

    >
    > You forgot to tell it how to authenticate the far side. Hint
    > /etc/ppp/chap-secrets.
    >
    >
    >
    > >the sequence is as follows from the peer acting as the server (not the
    > >actual log)

    >
    > And why in the world would you post a made up log?
    >
    >
    > >recvd [config-req ]
    > >sent [config-req ]
    > >sent [config-rej ]

    >
    > Set up your /etc/ppp/pap-secrets file.
    >
    >
    > >What should I do?

    >
    > >Thanks & Regards,
    > >Sriram K



+ Reply to Thread