The procedure uses as examples the PPP configuration files that were introduced in How to Define Communications Over the Serial Line (Dial-in Server).
Log in as superuser on the dial-in server or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services. To configure a role with the Primary Administrator profile, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.
Add authentication options to the /etc/ppp/options file.
For example, you would add the options in bold to an existing /etc/ppp/options file to implement PAP authentication:
lock auth login nodefaultroute proxyarp ms-dns 10.0.0.1 idle 120 |
Specifies that the server must authenticate callers before establishing the link.
Specifies that the remote caller be authenticated by using the standard UNIX user authentication services.
Indicates that no pppd session on the local system can establish a default route without root privileges.
Adds an entry to the system's Address Resolution Protocol (ARP) table that specifies the IP address of the peer and the Ethernet address of the system. With this option the peer appears to be on the local Ethernet to other systems.
Enables pppd to supply a Domain Name Server (DNS) address, 10.0.0.1, for the client
Specifies that idle users are disconnected after two minutes.
In the /etc/ppp/options.cua.a file, add the following address for the cua/a user.
:10.0.0.2 |
In the /etc/ppp/options.cua.b file, add the following address for the cua/b user.
:10.0.0.3 |
In the /etc/ppp/pap-secrets file, add the following entry.
* * "" * |
The login option, as previously described, supplies the necessary user authentication. This entry in the /etc/ppp/pap-secrets file is the standard way of enabling PAP with the login option.
To configure PAP authentication credentials for trusted callers of the dial-in server, refer to Configuring PAP Authentication for Trusted Callers (Dial-out Machines).