华为PPP认证：pap和chap双向认证配置

一、不认证双向

R1 
[R1-aaa]int s0/0/0
[R1-Serial0/0/0]link-protocol ppp
[Huawei-Serial0/0/0]ip add 192.168.1.1 24

R2
[Huawei]int s0/0/1
[Huawei-Serial0/0/1]link-protocol ppp
[Huawei-Serial0/0/1]ip add 192.168.1.254 24

 

 

 

 ============================================================================================================

二、pap双向认证

先配置R1认证方：

1）aaa认证，创建相应的账号密码

<Huawei>sys
[Huawei]sysname R1
[R1]aaa
[R1-aaa]local-user huawei password cipher huawei
[R1-aaa]local-user huawei service-type ppp

2）配置Serial接口类型和IP

[R1]int Serial 0/0/0
[R1-Serial0/0/0]link-protocol ppp   设置接口封装类型
[R1-Serial0/0/0]ip add 192.168.1.1 24

3）把aaa应用到s0/0/0接口下

[R1-Serial0/0/0]ppp authentication-mode pap

再配置R2被认证方：

1）配置s0/0/1接口的ip和账号密码

<Huawei>sys
[Huawei]sysname R2
[R2]int Serial 0/0/1
[R2-Serial0/0/1]link-protocol ppp
[R2-Serial0/0/1]ip add 192.168.10.254 24
[R2-Serial0/0/1]ppp pap local-user huawei password cipher huawei

  ========================================================================================================================

 三、chap双向认证配置

先配置认证方R1;

1)、aaa认证，创建相应的账号密码

<Huawei>sys
[Huawei]sysname R1
[R1]aaa
[R1-aaa]local-user huawei password cipher huawei
[R1-aaa]local-user huawei service-type ppp

2)配置Serial接口类型和IP

[R1]int Serial 0/0/0
[R1-Serial0/0/0]link-protocol ppp   设置接口封装类型
[R1-Serial0/0/0]ip add 192.168.1.1 24

3)把aaa应用到s0/0/0接口下

[R1-Serial0/0/0]ppp authentication-mode chap

再配置认证方R2：

<Huawei>sys
[Huawei]sysname R2
[R2]int Serial 0/0/1
[R2-Serial0/0/1]link-protocol ppp
[R2-Serial0/0/1]ip add 192.168.1.254 24
[R2-Serial0/0/1]ppp chap user huawei
[R2-Serial0/0/1]ppp chap password cipher huawei