Current configuration : 872 bytes ! version 12.2 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname r1 ! logging rate-limit console 10 except errors enable secret 5 $1$RmSI$ag2/0QP2W25IAmvPdJJhJ. ! username r2 password 0 123 ip subnet-zero no ip finger ! no ip dhcp-client network-discovery ! ! ! ! interface Ethernet0 no ip address shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 ip address 1.1.1.1 255.255.255.0 encapsulation ppp clockrate 64000 ppp authentication pap ppp pap sent-username r1 password 7 055A545C ! interface BRI0 no ip address shutdown isdn x25 static-tei 0 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 ! ip kerberos source-interface any ip classless ip http server ! ! ! line con 0 transport input none line aux 0 line vty 0 4 ! end
R2上信息interface Ethernet0 no ip address shutdown ! interface Serial0 no ip address shutdown ! interface Serial1 ip address 1.1.1.2 255.255.255.0 encapsulation ppp ppp authentication chap ppp pap sent-username r2 password 7 075E731F ! ip kerberos source-interface any ip classless ip http server
然后将R1的S1口shutdown后在打开
r1(config)#int s1 r1(config-if)#shut r1(config-if)# 02:51:42: %LINK-5-CHANGED: Interface Serial1, changed state to administratively down 02:51:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down r1(config-if)#no shut
然后做P测试
r1#p 1.1.1.2
Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
????????为什么呀!
由 Anonymous 在 星期六, 08/04/2007 - 02:30 发表。
这是在R1上打开deb ppp authen 后看到的现象!!!!!!
02:59:15: Se1 PPP: Treating connection as a dedicated line 02:59:15: Se1 CHAP: I CHALLENGE id 4 len 23 from "r2" 02:59:15: Se1 PAP: I AUTH-REQ id 4 len 11 from "r2" 02:59:15: Se1 CHAP: O RESPONSE id 4 len 23 from "r1" 02:59:15: Se1 PAP: Authenticating peer r2 02:59:15: Se1 PAP: O AUTH-ACK id 4 len 5 02:59:15: Se1 CHAP: I SUCCESS id 4 len 4
由 Anonymous 在 星期六, 08/04/2007 - 02:45 发表。
是通的,我刚才也做了,可能跟ppp pap sent-username r2 password 7 075E731F这句有关!如果r1 r2 都不加这一句,关了再开是不通的!
由 Anonymous 在 星期六, 08/04/2007 - 03:02 发表。
是的,我认为chap和pap是可以兼容的!!!!!!!!!!!!!!
R2发信息ppp pap sent-username r2 password 7 075E731F给R1并且R1运行的是pap,R2可以通过R1的认证,
没有试验配置,调试记录的问题贴,基本上很难给你正确的答复
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication pap
R1(config-if)#end
R2(config-if)#en
R2(config-if)#encapsulation ppp
R2(config-if)#end
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication pap
R1(config-if)#end
R2(config-if)#en
R2(config-if)#encapsulation ppp
R2(config-if)#end
楼主的配置有问题。
要先把认证模式改成pap后在shutdown no shutdown
R1上信息
Building configuration...
Current configuration : 872 bytes
!
version 12.2
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r1
!
logging rate-limit console 10 except errors
enable secret 5 $1$RmSI$ag2/0QP2W25IAmvPdJJhJ.
!
username r2 password 0 123
ip subnet-zero
no ip finger
!
no ip dhcp-client network-discovery
!
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
no ip address
shutdown
!
interface Serial1
ip address 1.1.1.1 255.255.255.0
encapsulation ppp
clockrate 64000
ppp authentication pap
ppp pap sent-username r1 password 7 055A545C
!
interface BRI0
no ip address
shutdown
isdn x25 static-tei 0
cdapi buffers regular 0
cdapi buffers raw 0
cdapi buffers large 0
!
ip kerberos source-interface any
ip classless
ip http server
!
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end
no ip address
shutdown
!
interface Serial0
no ip address
shutdown
!
interface Serial1
ip address 1.1.1.2 255.255.255.0
encapsulation ppp
ppp authentication chap
ppp pap sent-username r2 password 7 075E731F
!
ip kerberos source-interface any
ip classless
ip http server
r1(config-if)#shut
r1(config-if)#
02:51:42: %LINK-5-CHANGED: Interface Serial1, changed state to administratively down
02:51:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down
r1(config-if)#no shut
Sending 5, 100-byte ICMP Echos to 1.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
02:59:15: Se1 CHAP: I CHALLENGE id 4 len 23 from "r2"
02:59:15: Se1 PAP: I AUTH-REQ id 4 len 11 from "r2"
02:59:15: Se1 CHAP: O RESPONSE id 4 len 23 from "r1"
02:59:15: Se1 PAP: Authenticating peer r2
02:59:15: Se1 PAP: O AUTH-ACK id 4 len 5
02:59:15: Se1 CHAP: I SUCCESS id 4 len 4
是的,我认为chap和pap是可以兼容的!!!!!!!!!!!!!!