ppp authentication
To enable Challenge Handshake Authentication Protocol (CHAP), MS-CHAP, or Password Authentication
Protocol (PAP), and to specify the order in which CHAP, MS-CHAP, and PAP authentication is selected on
the interface, use the
ppp authentication
command an appropriate configuration mode. To disable PPP
authentication, use the
no
form of this command.
ppp authentication protocol
[
protocol
[
protocol
]] {
list-name| default
}
no ppp authentication
Syntax Description
Name of the authentication protocol used for PPP authentication. See
Authentication Protocols for Negotiation, on page 721
for the appropriate keyword. You
may select one, two, or all three protocols, in any order.
protocol
(Optional) Used with authentication, authorization, and accounting (AAA). Name of a
list of methods of authentication to use. If no list name is specified, the system uses the
default. The list is created with the
aaa authentication ppp
command.
list-name
(Optional) Specifies the name of the list of methods created with the
aaa authentication
ppp
command.
default
Command Default
PPP authentication is not enabled.
Command Modes
Interface configuration
Command History
Modification
Release
This command was introduced.
Release 3.9.0
This command was supported in the dynamic template configuration
mode for BNG.
Release 4.2.0
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes appropriate task
IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator
for assistance.
When you enable CHAP or PAP authentication (or both), the local router requires the remote device to prove
its identity before allowing data traffic to flow. PAP authentication requires the remote device to send a name
and a password, which is checked against a matching entry in the local username database or in the remote
security server database. CHAP authentication sends a challenge message to the remote device. The remote
device encrypts the challenge value with a shared secret and returns the encrypted value and its name to the
Cisco ASR 9000 Series Aggregation Services Router Interface and Hardware Component Command Reference,
Release 5.3.x
720
PPP Commands onthe Cisco ASR 9000 Series Router
ppp authentication