华为PPP认证:pap和chap双向认证配置
一、不认证双向
R1 [R1-aaa]int s0/0/0 [R1-Serial0/0/0]link-protocol ppp [Huawei-Serial0/0/0]ip add 192.168.1.1 24 R2 [Huawei]int s0/0/1 [Huawei-Serial0/0/1]link-protocol ppp [Huawei-Serial0/0/1]ip add 192.168.1.254 24
============================================================================================================
二、pap双向认证
先配置R1认证方:
1)aaa认证,创建相应的账号密码
<Huawei>sys [Huawei]sysname R1 [R1]aaa [R1-aaa]local-user huawei password cipher huawei [R1-aaa]local-user huawei service-type ppp
2)配置Serial接口类型和IP
[R1]int Serial 0/0/0 [R1-Serial0/0/0]link-protocol ppp 设置接口封装类型 [R1-Serial0/0/0]ip add 192.168.1.1 24
3)把aaa应用到s0/0/0接口下
[R1-Serial0/0/0]ppp authentication-mode pap
再配置R2被认证方:
1)配置s0/0/1接口的ip和账号密码
<Huawei>sys
[Huawei]sysname R2
[R2]int Serial 0/0/1
[R2-Serial0/0/1]link-protocol ppp
[R2-Serial0/0/1]ip add 192.168.10.254 24
[R2-Serial0/0/1]ppp pap local-user huawei password cipher huawei
========================================================================================================================
三、chap双向认证配置
先配置认证方R1;
1)、aaa认证,创建相应的账号密码
<Huawei>sys [Huawei]sysname R1 [R1]aaa [R1-aaa]local-user huawei password cipher huawei [R1-aaa]local-user huawei service-type ppp
2)配置Serial接口类型和IP
[R1]int Serial 0/0/0 [R1-Serial0/0/0]link-protocol ppp 设置接口封装类型 [R1-Serial0/0/0]ip add 192.168.1.1 24
3)把aaa应用到s0/0/0接口下
[R1-Serial0/0/0]ppp authentication-mode chap
再配置认证方R2:
<Huawei>sys [Huawei]sysname R2 [R2]int Serial 0/0/1 [R2-Serial0/0/1]link-protocol ppp [R2-Serial0/0/1]ip add 192.168.1.254 24 [R2-Serial0/0/1]ppp chap user huawei [R2-Serial0/0/1]ppp chap password cipher huawei