1 / 16

计算机通信网

计通 1718 班. 计算机通信网. 安徽邮电职业技术学院计算机系 赵正红 2009/2010 学年第一学期. 第六章 WAN. PPP X.25 FR. 一 .PPP. ( 一 ) 简介 ( 二 )PPP 中的 PAP 和 CHAP ( 三 )PPP 配置 ( 四 ) 案例 3. 以太网分类. ( 一 ). 简介. 1.PPP----Point-to Point Protocol 点到点,第二层 2 、组成: LCP,NCP,PAP 和 CHAP. ( 一 ). 简介. 3 、协商流程

elmo-conrad
Download Presentation

计算机通信网

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 计通1718班 计算机通信网 安徽邮电职业技术学院计算机系 赵正红 2009/2010学年第一学期

  2. 第六章 WAN • PPP • X.25 • FR Company Logo

  3. 一.PPP (一)简介 (二)PPP中的PAP和CHAP (三)PPP配置 (四)案例 3.以太网分类 Company Logo

  4. (一).简介 • 1.PPP----Point-to Point Protocol • 点到点,第二层 • 2、组成: • LCP,NCP,PAP和CHAP Company Logo

  5. (一).简介 3、协商流程 dead establish authenticate network terminate Company Logo

  6. (二)PAP和CHAP 1、PAP 被验方发起、两次握手、明文传送用户名和密码 Company Logo

  7. (二)PAP和CHAP 2.CHAP 主验方发起,三次握手,不传送密码 Company Logo

  8. (二)PAP和CHAP 思考: PAP与CHAP相比,孰优孰劣? 回答: PAP: 简单,快 CHAP:安全 Company Logo

  9. (三)配置 1、PPP基本配置 接口视图下: link-protocol ppp 注:H3C MSR30-40路由器的serial口在缺省情况下,启用的链路层协议为PPP. Company Logo

  10. (三)配置 • 2、PAP • (1)主验证方配置 • 配置验证方式为PAP • ppp authentication-mode pap • 配置用户列表 • [H3C]local-user username • [H3C-luser-h3c]password simple/cipher password • [H3C-luser-h3c]service-type ppp • (2)被验证方配置 • 配置PAP用户名 • ppp pap local-userusername password {simple|cipher}password Company Logo

  11. (三)配置 • 3、CHAP • (1)主验证方配置: • 配置本地验证对端(方式为CHAP) • ppp authentication-mode chap • 配置本地名称 • ppp chap user username • 将对端用户名和密码加入本地用户列 • [H3C]local-user username • [H3C-luser-h3c]password simple/cipher password • [H3C-luser-h3c]service-type ppp • (2)被验证方配置: • 配置本地名称密码 • [H3C-Serial0/0] ppp chap user username • [H3C-Serial1/1]ppp chap password {simple|cipher} password Company Logo

  12. (四)案例 Company Logo

  13. (四)案例 • RouterA: RouterA]local-user routerb [RouterA-luser-routerb]password simple hello [RouterA-luser-routerb]service-type ppp [RouterA]interface serial 0/0 [RouterA-Serial0/0]ppp authentication-mode pap • RouterB : [RouterB]interface serial 0/0 [RouterB-Serial0/0]ppp pap local-user routerb password simple hello Company Logo

  14. (四)案例 改为CHAP验证: RouterA:[RouterA] local-user routerb [RouterA-luser-routerb]passwordsimplehello [RouterA-luser-routerb]service-typeppp [RouterA]interface serial 0/0 [RouterA-Serial0/0]ppp chap user routera [RouterA-Serial0/0]ppp authentication-mode chap RouterB :[RouterB]local-user routera [RouterB-luser-routera]password simple hello [RouterB-luser-routera]service-typeppp [RouterB]interface serial 0/0 [RouterB-Serial0/0]ppp chap user routerb Company Logo

  15. (四)案例 引伸思考:   以上配置案例均为单向PAP或CHAP验证,能否实现双向PAP或CHAP验证? 答:完全可以!双向验证只是两个单向验证的叠加   而已!!! Company Logo

  16. Thank You ! 安徽邮电职业技术学院计算机系 赵正红 2009/2010学年第一学期

More Related