Help to understand ppp authentication

[ivoestg]

hello
i try to do DDR betwen 2 cisco 760 routers
the problem is that the command

diag ppp
says that "secret fail for user atlanta"
so my ppp authentication is not correct
next i give you the routers configuration can you please explain me how ppp authentication work and what's wrong on my configuration?

ROUTER A:

Atlanta> cd lan
Atlanta:LAN> set bridging off
Atlanta:LAN> set ip routing on
Atlanta:LAN> cd
Atlanta> set user Boston
Atlanta:Boston> set ppp clientname Atlanta
Atlanta:Boston> set ppp secret client
Enter new Password: cisco
Re-Type new Password: cisco
Atlanta:Boston> set ppp secret host
Enter new Password: gocisco1
Re-Type new Password: gocisco1
Atlanta:Boston> set bridging off
Atlanta:Boston> set ip routing on
Atlanta:Boston> set ip rip update off
Atlanta:Boston> set ip route destination 194.4.5.0 gateway 194.4.5.254
Atlanta:Boston> set 1 number 987654321
Atlanta:Boston> set ppp authentication outgoing chap
Atlanta:Boston> set timeout 300
Atlanta:Boston> set active

ROUTER B:

Boston> cd lan
Boston:LAN> set bridging off
Boston:LAN> set ip routing on
Boston:LAN> cd
Boston> set user Atlanta
Boston:Atlanta> set ppp clientname Boston
Boston:Atlanta> set ppp secret client
Enter new Password: gocisco1
Re-Type new Password: gocisco1
Boston:Atlanta> set ppp secret host
Enter new Password: cisco
Re-Type new Password: cisco
Boston:Atlanta> set bridging off
Boston:Atlanta> set ip routing on
Boston:Atlanta> set ip rip update off
Boston:Atlanta> set ip route destination 192.4.5.0 gateway 192.4.5.254
Boston:Atlanta> set 1 number 123456789
Boston:Atlanta> set ppp authentication outgoing chap

Boston:Atlanta> set timeout 300
Boston:Atlanta> set active
thanks...

I'm in ivoestg@yahoo.com

 

[duncandog]

Basically, your passwords need to match for your secret host passwords. There is a reason for this, secret denotes the use of chap and this protocol does not transmit passwords. It encrypts data with the password (the challenge from the dialled router), the remote router strips the packets and recognises that the user (incoming is whoever?) and that the password configured for him on this router should be ??? (in your case cisco) but you are providing a password of gocisco1 (dialling router). These will not match and therefore authentication fails.

I had similar trouble recently. I recommend setting the secret client password at global level and it is the incoming password dialling routers must provide (however unuseful if you are specifying different levels of passwords for different peers).

Duncandog

 

[ivoestg]

thancks
but i don´t understand yet
inglish problems...
can you give me one example tell me what password i must write

ROUTER A:

Atlanta> set user Boston
Atlanta:Boston> set ppp clientname Atlanta
Atlanta:Boston> set ppp secret client
Enter new Password: ___________________________
Re-Type new Password: _________________________
Atlanta:Boston> set ppp secret host
Enter new Password: ___________________________
Re-Type new Password: _________________________

Atlanta:Boston> set ppp authentication outgoing chap

ROUTER B:

Boston> set user Atlanta
Boston:Atlanta> set ppp clientname Boston
Boston:Atlanta> set ppp secret client
Enter new Password: _____________________
Re-Type new Password: ___________________
Boston:Atlanta> set ppp secret host
Enter new Password: _____________________
Re-Type new Password: ___________________

Boston:Atlanta> set ppp authentication outgoing chap

thanks...

I'm in ivoestg@yahoo.com

 

[duncandog]

Iwould set all passwords to be the same and then you shouldn't have problems. Passwords must match, be the same.

Client is an incoming pwd and host is for outgoing.

 

[ivoestg]

i already try and didn't work thanks...

I'm in ivoestg@yahoo.com