test

System Administration Guide: Network Services

ProcedureHow to Add PAP Support to the PPP Configuration Files (Dial-in Server)

The procedure uses as examples the PPP configuration files that were introduced in How to Define Communications Over the Serial Line (Dial-in Server).

  1. Log in as superuser on the dial-in server or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.

  2. Add authentication options to the /etc/ppp/options file.

    For example, you would add the options in bold to an existing /etc/ppp/options file to implement PAP authentication:


    lock
auth
login
nodefaultroute
proxyarp
ms-dns 10.0.0.1
idle 120
    auth

    Specifies that the server must authenticate callers before establishing the link.

    login

    Specifies that the remote caller be authenticated by using the standard UNIX user authentication services.

    nodefaultroute

    Indicates that no pppd session on the local system can establish a default route without root privileges.

    proxyarp

    Adds an entry to the system's Address Resolution Protocol (ARP) table that specifies the IP address of the peer and the Ethernet address of the system. With this option the peer appears to be on the local Ethernet to other systems.

    ms-dns 10.0.0.1

    Enables pppd to supply a Domain Name Server (DNS) address, 10.0.0.1, for the client

    idle 120

    Specifies that idle users are disconnected after two minutes.

  3. In the /etc/ppp/options.cua.a file, add the following address for the cua/a user.


    :10.0.0.2

  4. In the /etc/ppp/options.cua.b file, add the following address for the cua/b user.


    :10.0.0.3

  5. In the /etc/ppp/pap-secrets file, add the following entry.


    *     *     	""     *
    Note –

    The login option, as previously described, supplies the necessary user authentication. This entry in the /etc/ppp/pap-secrets file is the standard way of enabling PAP with the login option.

See Also

To configure PAP authentication credentials for trusted callers of the dial-in server, refer to Configuring PAP Authentication for Trusted Callers (Dial-out Machines).