PPP 认证 配置PAP单向认证示例(本地认证方式)实验

本文介绍如何在路由器间配置PAP单向认证,实现从RouterA到RouterB的简单认证过程。通过设置本地用户、密码及认证模式,确保链路层协议PPP协商成功。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

配置PAP单向认证示例(本地认证方式)

组网需求

图1所示,RouterA的Serial1/0/0和RouterB的Serial1/0/0相连。

用户希望RouterA对RouterB进行简单的认证,而RouterB不需要对RouterA进行认证。

图1 PAP认证组网图

配置思路

配置思路如下:

  1. 用户希望进行简单认证,对安全的要求不高,所以配置PAP认证即可。
  2. 用户希望进行单向认证,所以仅需要配置RouterA作为PAP认证的认证方,RouterB作为PAP认证的被认证方。

操作步骤

  1. 配置RouterA

    # 配置接口Serial1/0/0的IP地址及封装的链路层协议为PPP。

    <Huawei> system-view
    [Huawei] sysname RouterA
    [RouterA] interface serial 1/0/0
    [RouterA-Serial1/0/0] link-protocol ppp
    [RouterA-Serial1/0/0] ip address 10.10.10.9 30
    [RouterA-Serial1/0/0] quit

    # 配置本地用户及域。

    [RouterA] aaa
    [RouterA-aaa] authentication-scheme system_a
    [RouterA-aaa-authen-system_a] authentication-mode local
    [RouterA-aaa-authen-system_a] quit
    [RouterA-aaa] domain system
    [RouterA-aaa-domain-system] authentication-scheme system_a
    [RouterA-aaa-domain-system] quit
    [RouterA-aaa] local-user user1@system password
    Please configure the login password (8-128)                                     
    It is recommended that the password consist of at least 2 types of characters, i
    ncluding lowercase letters, uppercase letters, numerals and special characters. 
    Please enter password:                                                          
    Please confirm password:                                                        
    Info: Add a new user.                                                           
    Warning: The new user supports all access modes. The management user access mode
    s such as Telnet, SSH, FTP, HTTP, and Terminal have security risks. You are advi
    sed to configure the required access modes only.  
    [RouterA-aaa] local-user user1@system service-type ppp
    [RouterA-aaa] quit

    # 配置PPP认证方式为PAP、认证域为system。

    [RouterA] interface serial 1/0/0
    [RouterA-Serial1/0/0] ppp authentication-mode pap domain system
    

    # 重启接口,保证配置生效。

    [RouterA-Serial1/0/0] shutdown
    [RouterA-Serial1/0/0] undo shutdown

  2. 配置RouterB

    # 配置接口Serial1/0/0的IP地址及封装的链路层协议为PPP。

    <Huawei> system-view
    [Huawei] sysname RouterB
    [RouterB] interface serial 1/0/0
    [RouterB-Serial1/0/0] link-protocol ppp
    [RouterB-Serial1/0/0] ip address 10.10.10.10 30

    # 配置本地被RouterA以PAP方式认证时RouterB发送的PAP用户名和密码并重启接口。

    [RouterB-Serial1/0/0] ppp pap local-user user1@system password cipher huawei123
    [RouterB-Serial1/0/0] shutdown
    [RouterB-Serial1/0/0] undo shutdown

  3. 验证配置结果

    # 执行命令display interface serial 1/0/0查看接口的配置信息,接口的物理层和链路层的状态都是Up状态,并且PPP的LCP和IPCP都是opened状态,说明链路的PPP协商已经成功,并且RouterA和RouterB可以互相Ping通对方。

    [RouterB] display interface serial 1/0/0
    Serial1/0/0 current state : UP
    Line protocol current state : UP
    Last line protocol up time : 2011-03-25 11:35:10
    Description:HUAWEI, AR Series, Serial1/0/0 Interface
    Route Port,The Maximum Transmit Unit is 1500, Hold timer is 0(sec)
    Internet Address is 10.10.10.9/30
    Link layer protocol is PPP
    LCP opened, IPCP opened
    Last physical up time   : 2011-03-25 11:35:10
    Last physical down time : 2011-03-25 11:35:01
    Current system time: 2011-03-25 17:30:07
    Physical layer is synchronous, Virtualbaudrate is 64000 bps
    Interface is DTE, Cable type is V35, Clock mode is DTECLK1
    Last 10 seconds input rate 7 bytes/sec 56 bits/sec 0 packets/sec
    Last 10 seconds output rate 7 bytes/sec 56 bits/sec 0 packets/sec
    Input: 0 packets, 0 bytes                                                       
      Broadcast:              0,  Multicast:              0                         
      Errors:                 0,  Runts:                  0                         
      Giants:                 0,  CRC:                    0                         
                                                                                    
      Alignments:             0,  Overruns:               0                         
      Dribbles:               0,  Aborts:                 0                         
      No Buffers:             0,  Frame Error:            0                         
                                                                                    
    Output: 0 packets, 0 bytes                                                      
      Total Error:            0,  Overruns:               0                         
      Collisions:             0,  Deferred:               0                         
      No Buffers:             0         
    DCD=UP DTR=UP DSR=UP RTS=UP CTS=UP
    
        Input bandwidth utilization  : 0.18%
        Output bandwidth utilization : 0.18%   
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

周三叁

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值