PAP/CHAP Examples
The example below shows the asppp.cf file for the server mojave with PAP and CHAP authentication required. The peers are nomada (PAP) and nomadb (CHAP).
Example 23-1 Code Example for Server mojave
ifconfig ipdptp0 plumb mojave nomada up
ifconfig ipdptp1 plumb mojave nomanb up
path
peer_system_name tamerlane
require_authentication pap #tells nomada that mojave
#requires pap authentication
pap_peer_id desert
pap_peer_password oasis
path
peer_system_name lawrence
require_authentication chap #tells nomadb that mojave
#requires chap authentication
chap_peer_name another\sdesert
chap_peer_secret secret\soasis\swith\007bell
|
The next sample shows mojave's remote host nomada offering to do both PAP and CHAP authentication.
Example 23-2 Code Example for Remote Host nomada
ifconfig ipdptp0 plumb tamerlane mojave up
path
interface ipdptp0
peer_system_name mojave
will_do_authentication chap pap #nomada tells mojave
#that it will do chap and
#pap authentication
pap_id desert
pap_password oasis
chap_name desert\srain
chap_secret %$#@7&*(+|`P'12
|
The next example shows mojave's remote host nomadb offering to do CHAP authentication.
Example 23-3 Code Example for Remote Host nomadb
ifconfig ipdptp0 plumb nomadb mojave private up
path
interface ipdptp0
peer_system_name mojave
will_do_authentication chap #nomadb tells mojave that it
#will do chap authentication
chap_name another\sdesert
chap_secret secret\soasis\swith\007bell
|
Ideally, both CHAP and PAP are included in the configuration file, with the server requiring authentication and the remote host willing to do authentication. However this is reversible so that either side can require authentication. CHAP secrets need to be delivered by secure means. This generally involves manually releasing them.
- © 2010, Oracle Corporation and/or its affiliates