NA-NP-IE系列实验30:CHAP 认证
生活随笔
收集整理的這篇文章主要介紹了
NA-NP-IE系列实验30:CHAP 认证
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
實驗30:CHAP?認證 1.?實驗目的 通過本實驗,讀者可以掌握如下技能: (1) CHAP?認證的配置方法(使用“username?用戶名?password?密碼” 命令為對方配置用戶名和密碼,需要注意的是兩方的密碼要相同) 2.?實驗拓撲 如圖。 3.?實驗步驟 注: CHAP?驗證的最簡單配置,也是實際應用中最常用的配置方式。配置時要求用戶 名為對方路由器名,而雙方密碼必須一致。原因是:由于CHAP?默認使用本地路由器的名字 做為建立PPP?連接時的識別符。路由器在收到對方發送過來的詢問消息后,將本地路由器的 名字作為身份標識發送給對方;而在收到對方發過來的身份標識之后,默認使用本地驗證方 法,即在配置文件中尋找,看看有沒有用戶身份標識和密碼;如果有,計算加密值,結果正 確則驗證通過;否則驗證失敗,連接無法建立。 ? r0(config-if)#ip add 172.16.1.1 255.255.255.0 r0(config-if)#no sh r0(config-if)# *Mar??1 00:05:08.115: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up r0(config-if)# *Mar??1 00:05:09.123: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up r0(config-if)# *Mar??1 00:05:37.155: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down r0(config-if)# *Mar??1 00:06:07.155: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up r0(config-if)#exit r0(config)#int s0/0 r0(config-if)#username r1 pass cisco r0(config)#int s0/0 r0(config-if)#enc ppp r0(config-if)#ppp authen chap路由器的兩端串口采用PPP?封裝,并采用配置CHAP?驗證: r0(config-if)#do sh ip int b Interface??????????????????IP-Address??????OK? Method Status????????????????Protocol FastEthernet0/0????????????unassigned??????YES unset??administratively down down??? Serial0/0??????????????????172.16.1.1??????YES manual up????????????????????up????? FastEthernet0/1????????????unassigned??????YES unset??administratively down down??? Serial0/1??????????????????unassigned??????YES unset??administratively down down??? r0(config-if)#do debug ppp authen PPP authentication debugging is on r0(config-if)#do ping 172.16.1.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max =?4/18/36?ms r0(config-if)#sh r0(config-if)#no sh *Mar??1 00:08:51.079: %LINK-5-CHANGED: Interface Serial0/0, changed state to administratively down *Mar??1 00:08:52.079: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down r0(config-if)#no sh r0(config-if)# *Mar??1 00:08:54.551: Se0/0 PPP: Using default call direction *Mar??1 00:08:54.559: Se0/0 PPP: Treating connection as a dedicated line *Mar??1 00:08:54.559: Se0/0 PPP: Session handle[5A000004] Session id[2] *Mar??1 00:08:54.563: Se0/0 PPP: Authorization required *Mar??1 00:08:54.567: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up *Mar??1 00:08:54.663: Se0/0 CHAP: O CHALLENGE id 2 len 23 from "r0" *Mar??1 00:08:54.731: Se0/0 CHAP: I CHALLENGE id 3 len 23 from "r1" *Mar??1 00:08:54.747: Se0/0 CHAP: Using hostname from unknown source *Mar??1 00:08:54.747: Se0/0 CHAP: Using password from AAA *Mar??1 00:08:54.747: Se0/0 CHAP: O RESPONSE id 3 len 23 from "r0" *Mar??1 00:08:54.779: Se0/0 CHAP: I RESPONSE id 2 len 23 from "r1" *Mar??1 00:08:54.779: Se0/0 PPP: Sent CHAP LOGIN Request *Mar??1 00:08:54.791: Se0/0 PPP: Received?LOGIN?Response?PASS *Mar??1 00:08:54.795: Se0/0 PPP: Sent LCP AUTHOR Request *Mar??1 00:08:54.803: Se0/0 PPP: Sent IPCP AUTHOR Request r0(config-if)# *Mar??1 00:08:54.803: Se0/0 CHAP: I SUCCESS id 3 len 4 *Mar??1 00:08:54.823: Se0/0 LCP: Received?AAA?AUTHOR?Response?PASS *Mar??1 00:08:54.827: Se0/0 IPCP: Received?AAA?AUTHOR?Response?PASS *Mar??1 00:08:54.827: Se0/0 CHAP: O SUCCESS id 2 len 4 *Mar??1 00:08:54.839: Se0/0 PPP: Sent CDPCP AUTHOR Request *Mar??1 00:08:54.847: Se0/0 PPP: Sent IPCP AUTHOR Request *Mar??1 00:08:54.875: Se0/0 CDPCP: Received?AAA?AUTHOR?Response?PASS r0(config-if)# *Mar??1 00:08:55.827: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up 以上是chap的驗證過程。 r0(config-if)#do un all All possible debugging has been turned off r0(config-if)# r1(config)#no ip do loo r1(config)#lin c 0 r1(config-line)#logg s r1(config-line)#exec-t 00 r1(config-line)#exit r1(config)#int s0/0 r1(config-if)#ip add 172.16.1.2 255.255.255.0 r1(config-if)#no sh r1(config-if)#exit *Mar??1 00:05:48.767: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up *Mar??1 00:05:49.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up r1(config-if)#exit r1(config)#username r0 pass cisco r1(config)#int s0/0 r1(config-if)#username r0 pass cisco r1(config)#int s0/0 r1(config-if)#enc ppp *Mar??1 00:07:32.291: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down r1(config-if)#ppp authen r1(config-if)#ppp authentication chap r1(config-if)# *Mar??1 00:07:52.351: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up r1(config-if)#do sh ip int b Interface??????????????????IP-Address??????OK? Method Status????????????????Protocol FastEthernet0/0????????????unassigned??????YES unset??administratively down down??? Serial0/0??????????????????172.16.1.2??????YES manual up????????????????????up????? FastEthernet0/1????????????unassigned??????YES unset??administratively down down??? Serial0/1??????????????????unassigned??????YES unset??administratively down down??? r1(config-if)#do ping 172.16.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max =?1/18/48?ms r1(config-if)#
本文轉自gauyanm 51CTO博客,原文鏈接:http://blog.51cto.com/gauyanm/238163,如需轉載請自行聯系原作者
本文轉自gauyanm 51CTO博客,原文鏈接:http://blog.51cto.com/gauyanm/238163,如需轉載請自行聯系原作者
總結
以上是生活随笔為你收集整理的NA-NP-IE系列实验30:CHAP 认证的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Java日志框架-Spring中使用Lo
- 下一篇: 解析find用法