Configuring CHAP Using Names Other Than the Hostname Diagram

CiGco.com

Client Router

Router(config-if)ft ppp chap hostname global

Router(config-if)ft ppp chap hostname global

Client Router

Client Route

Client Router

Router(config)ft global password

Client Route

Client Router

Router(config)ft global password

© 2001, Cisco Systems, Inc. All rights reserved.

Cisco CCIE Prep v1.O—Module 3-43

When a remote Cisco router connects to either a Cisco or a non-Cisco central router of a different administrative control, an Internet Service Provider (ISP), or a rotary of central routers, it may be necessary to configure an authentication username that is different from the hostname. In this situation, the hostname of the router is not provided or is different at different times (rotary). Also, the username that is allocated by the ISP may not be the remote router's hostname. In such a situation, the ppp chap hostname command is used to specify an alternate username that will be used for authentication.

For example, consider a situation where multiple remote devices are dialing into a central site. Using normal CHAP authentication, the username (which would be the hostname) of each remote device and a shared secret must be configured on the central router. In this scenario, the configuration of the central router can become lengthy and cumbersome to manage; however, if the remote devices use a username that is different from their hostname this can be avoided. The central site can be configured with a single username and shared secret that can be used to authenticate multiple dialin clients.

0 0

Post a comment