欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

CHAP 认证配置

程序员文章站 2024-02-11 15:01:16
...

CHAP 认证配置
3.1 问题
如图配置 设备 IP 地址
配置 R1 为认证端,R2为被认证端
认证方式为 CHAP,用户名为 Cisco ,密码为 CCIE
3.2 方案
搭建实验环境,如图-3所示。

CHAP 认证配置
图-3

3.3 步骤
实现此案例需要按照如下步骤进行。

1)配置接口IP地址

<Huawei>undo terminal monitor 
<Huawei>system-view 
[Huawei]sysname R1
[R1]interface Pos 6/0/0
[R1-Pos6/0/0]ip address  100.1.1.1 24
[R1-Pos6/0/0]quit
<Huawei>undo terminal monitor 
<Huawei>system-view 
[Huawei]sysname R2
[R2]interface Pos 6/0/0
[R2-Pos6/0/0]ip address  100.1.1.2 24
[R2-Pos6/0/0]quit

2)配置被认证端 – R2

[R2]interface Pos 6/0/0
[R2-Pos6/0/0] ppp chap user Cisco
[R2-Pos6/0/0] ppp chap password cipher CCIE
[R2-Pos6/0/0] quit

3)配置认证端 – R1

[R1]aaa
[R1-aaa]local-user Cisco password cipher CCIE
[R1-aaa]local-user Cisco service-type ppp 
[R1-aaa]quit
[R1]interface Pos 6/0/0
[R1-Pos6/0/0]ppp authentication-mode chap
[R1-Pos6/0/0]ppp chap user Cisco
[R1-Pos6/0/0]quit

4)测试 R1与R2之间的互通性

[R1]interface Pos 6/0/0
[R1-Pos6/0/0]shutdown
[R1-Pos6/0/0]undo shutdown
<R1>ping 100.1.1.2
  PING 100.1.1.2: 56  data bytes, press CTRL_C to break
    Reply from 100.1.1.2: bytes=56 Sequence=1 ttl=255 time=50 ms
    Reply from 100.1.1.2: bytes=56 Sequence=2 ttl=255 time=20 ms
    Reply from 100.1.1.2: bytes=56 Sequence=3 ttl=255 time=20 ms
    Reply from 100.1.1.2: bytes=56 Sequence=4 ttl=255 time=20 ms
    Reply from 100.1.1.2: bytes=56 Sequence=5 ttl=255 time=20 ms
  --- 100.1.1.2 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 20/26/50 ms