PPP基本配置与认证
?实验目的
1、串行链路上的封装概念。
2、PPP封装。
3、掌握PAP认证特点和配置方法。
4、掌握CHAP认证特点和配置方法。
?实验要求
给出串行通信基本知识、PPP组成、PAP和CHAP操作和配置。给出PPP配置验证、故障排除的基本命令和基础理论。
?实验设备(环境、软件)
路由器三台、串行DCE线缆2条,交叉线2条
?实验设计到的基本概念和理论
给出PPP的基本组成、PPP链路建立步骤、PAP和CHAP的认证特点。
?实验过程和主要步骤
步骤一:路由器基本配置
路由器A的ip配置:
RouterA(config)#interface FastEthernet0/0
RouterA(config-if)#ip address 192.168.1.2 255.255.255.0 RouterA(config-if)#no shutdown
RouterA(config)#interface Serial2/0
RouterA(config-if)#ip address 10.10.10.1 255.0.0.0
RouterA(config-if)#ip address 10.10.10.1 255.255.255.252 RouterA(config-if)#no shutdown
路由器B的ip配置:
RouterB(config)#interface Serial2/0
RouterB(config-if)#ip address 10.10.10.2 255.0.0.0
RouterB(config-if)#ip address 10.10.10.2 255.255.255.252 RouterB(config-if)#
%LINK-5-CHANGED: Interface Serial2/0, changed state to upno shutdown RouterB(config-if)#clock rate 56000
RouterB(config)#interface Serial3/0
RouterB(config-if)#ip address 20.20.20.21 255.0.0.0
RouterB(config-if)#ip address 20.20.20.21 255.255.255.252
RouterB(config-if)#no shutdown
RouterB(config-if)#clock rate 64000
路由器C的ip配置:
RouterC(config)#interface FastEthernet0/0
RouterC(config-if)#ip address 192.168.2.2 255.255.255.0
RouterC(config-if)#no shutdown
RouterC(config)#interface Serial3/0
RouterC(config-if)#ip address 20.20.20.22 255.0.0.0
RouterC(config-if)#ip address 20.20.20.22 255.255.255.252
步骤二:配置登录用户名和密码
RouterA(config)#username zhengguibing password 123
RouterA(config)#line con 0
RouterA(config-line)#login local
RouterB(config)#username zhengguibing password 123
RouterB(config)#line con 0
RouterB(config-line)#login local
RouterC(config)#username zhengguibing password 123
RouterC(config)#line con 0
RouterC(config-line)#login local
步骤三:PPP封装步骤四:配置PAP和CHAP认证
PAP认证:
RouterA(config)#int s2/0
RouterA(config-if)#encapsulation ppp
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
RouterA(config-if)#ppp pap sent-username RouterA password AAA
RouterB(config)#username RouterA password AAA
RouterB(config)#int s2/0
RouterB(config-if)#encapsulation ppp
RouterB(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
RouterB(config-if)#ppp authentication pap
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
RouterB(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
RouterB(config)#int s2/0
RouterB(config-if)#encapsulation ppp
RouterB(config-if)#ppp pap sent-username RouterB password CCC RouterA(config)#username RouterB password CCC
RouterA(config)#int s2/0
RouterA(config-if)#encapsulation ppp
RouterA(config-if)#ppp authentication pap
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
RouterA(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
Chap认证:
RouterB(config)#username RouterC password BBB
RouterB(config)#int s3/0
RouterB(config-if)#encapsulation ppp
RouterB(config-if)#ppp authentication CHAP
RouterC(config)#username RouterB password BBB
RouterC(config)#int s3/0
RouterC(config-if)#encapsulation ppp
RouterC(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial3/0, changed state to up
RouterC(config-if)#ppp authentication CHAP
步骤五:配置路由协议
RouterA(config)#router ospf 1
RouterA(config-router)#network 192.168.1.0 0.0.0.255 area 8 RouterA(config-router)#network 10.10.10.0 0.0.0.3 area 8 RouterB(config)#router ospf 2
RouterB(config-router)#network 10.10.10.0 0.0.0.3 area 8 RouterB(config-router)#network20.20.20.20 0.0.0.3 area 8 RouterC(config)#router ospf 3
RouterC(config-router)#network 20.20.20.20 0.0.0.3 area 8 RouterC(config-router)#network 192.168.2.0 0.0.0.255 area 8
步骤六:查看并验证配置
RouterA#ping 10.10.10.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms
RouterA#debug ppp authentication
PPP authentication debugging is on
RouterC#ping 20.20.20.21
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.21, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms
RouterC#debug ppp authentication
PPP authentication debugging is on
心得体会
通过本次试验学到了ppp认证的两种方式,PAP认证和CHAP认证。过程中遇到的问题也通过请教而解决了,增长了不少知识。