Monavathia's Blog

CCNA 3 Labskill Chapter 7

Posted on: December 24, 2010

Lab 7.2.5.3 Configuring and Verifying PAP and CHAP Authentication
Step 1: Connect the equipment
Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram.
Step 2: Perform basic configuration on Router 1
1. Connect a PC to the console port of the router to perform configurations using a terminal emulation program.
2. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 3: Perform basic configuration on Router 2
On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 4: Configure PPP encapsulation on both R1 and R2
Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0
configuration mode prompt on both routers.
R1(config-if)#encapsulation ppp
R2(config-if)#encapsulation ppp
Step 5: Verify PPP encapsulation on R1 and R2
Enter the command show interface serial 0/0 to verify the PPP encapsulation on R1 and R2.
Step 6: Verify that the serial connection is functioning
Ping from R1 to R2 to verify that there is connectivity between the two routers.
R1#ping 192.168.15.2
R2#ping 192.168.15.1
Step 7: Turn on PPP debugging
To display the authentication exchange process as it occurs, issue the command debug ppp
authentication at the privileged EXEC mode prompt.
R1#debug ppp authentication
R2#debug ppp authentication
Step 8: Configure PPP authentication on R1 with PAP
1. Configure the username and password on the R1 router.
2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.
Step 9: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R2.
Step 10: Configure PPP authentication on R2 with PAP
1. Configure the username and password on the R2 router
2. In Cisco IOS releases 11.1 or later, PAP must be enabled on the interface because it is disabled by default. From the Serial 0/0/0 interface configuration mode prompt, enable PAP on the interface.
Step 11: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.
Step 12: Remove PAP from R1 and R2
Remove PAP from R1 and R2 by issuing the command no in front of the commands used to configure PAP.
Step 13: Configure PPP authentication on R1 with CHAP
1. f both CHAP and PAP are enabled, the first authentication method specified is requested during the link negotiation phase. If the peer suggests using the second method or simply refuses the first method, the second method is tried.
2. Save the configuration on R1 and R2 and reload both routers.
3. To display the authentication exchange process as it occurs, issue the command debug ppp authentication at the privileged EXEC mode prompt.
4. Configure the username and password on the R1 router.
Step 14: Configure PPP authentication on R2 with CHAP
Configure the username and password on the R2 router
Step 15: Verify that the serial connection is functioning
Verify that the serial connection is functioning by pinging the serial interface of R1.
Was it successful? __________ yes
Step 16: Verify the serial line encapsulation on R1
Enter the command show interface serial 0/0 to view the details of the interface.
Step 16: Verify the serial line encapsulation on R1
Enter the command show interface serial 0/0 to view the details of the interface.
Step 18: Turn off debugging on both R1 and R2
Turn off all debugging by issuing the undebug all command on both R1 and R2.
R1#undebug all
R2#undebug all
Step 19: Reflection
1. What is an advantage of using CHAP over PAP? Jawaban: CHAP is the preferred protocol because CHAP periodically verifies the identity of the remote node using a three-way handshake. CHAP provides protection against playback attack through the use of a variable challenge value that is unique and unpredictable. Because the challenge is unique and random, the resulting hash value will be unique and random.
2. Which PPP protocol is used for establishing a point-to-point link? Jawaban: LCP
3. Which PPP protocol is used for configuring the various Network Layer protocols? Jawaban: NCP
Lab 7.2.3.3 Configuring and Verifying a PPP Link
Step 1: Connect the equipment
Connect Router 1 and Router 2 with a serial cable connecting both Serial 0/0/0 interfaces as shown in the topology diagram.
Step 2: Perform basic configuration on Router 1
Connect a PC to the console port of the router to perform configurations using a terminal emulation program. On Router 1, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 3: Perform basic configuration on Router 2
On Router 2, configure the hostname, IP addresses, and passwords as provided in the addressing table. Save the configuration.
Step 4: Show the details of Serial 0/0/0 interface on R1
Enter the command show interface serial 0/0/0 to view the details of the interface.
Step 5: Show the details of Serial 0/0/0 interface on R2
Enter the command show interface serial 0/0/0 to view the details of the interface.
Step 6: Turn on PPP debugging
Turn on the PPP debug function on both routers by entering debug ppp negotiation at the privileged EXEC mode prompt.
Step 7: Change the encapsulation type
Change the encapsulation type to PPP by entering encapsulation ppp at the interface Serial 0/0 configuration mode prompt on both routers.
Step 8: Show the details of Serial 0/0/0 interface on R1
Enter the command show interface serial 0/0/0 to view the details of the interface.
Step 9: Show the details of Serial 0/0/0 interface on R2
Enter the command show interface serial 0/0/0 to view the details of the interface.
Step 10: Verify that the serial connection is functioning
Ping from R1 to R2 to verify that there is connectivity between the two routers.
Step 11: Reflection
1. What command allows you to view the details of a specific interface? Jawaban: show interface serial 0/0/0 (or whichever interface you select).
2. When should you use the debug function in a router? Jawaban: when you want to troubleshoot or to view what is occurring in real time on the network. Caution should be used to minimize the negative impact debugging has on network performance.
3. What is the default serial encapsulation on a Cisco router? Jawaban: HDLC

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: