模拟器版本及实验图:
实验过程中信息提示若影响命令输入可以关闭信息中心:
[h3c]undo info-center enable
Information center is disabled.
pap单向验证:
以r1为主验证方配置用户名密码,r2为被验证方不用配置用户名密码
1.路由器r1上的配置:
[H3C]sysname r1
[r1]int s1/0
[r1-Serial1/0]ip add 1.1.1.1 24
[r1]local-user r1 class network //v7版本默认class类型为manage,需要改成network,不然服务类型敲不出ppp
[r1-luser-network-r1]password simple admin
[r1-luser-network-r1]service-type ppp
[r1-luser-network-r1]quit
[r1]int s1/0
[r1-Serial1/0]ppp authentication-mode pap
[r1-Serial1/0]shutdown
[r1-Serial1/0]undo shutdown
r2上的配置
[H3C]sysname r2
[r2]int s1/0
[r2-Serial1/0]ip add 1.1.1.2 24
[r2-Serial1/0]ppp pap local-user r1 password simple admin //发送主验证方的用户名密码
[r2-Serial1/0]shutdown
[r2-Serial1/0]undo shutdown
pap双向验证:
就是将在r1上的配置在r2上再做一次 , *r1,r2上配置的密码可以相同也可以不同
r1上的配置:
[H3C]sysname r1
[r1]int s1/0
[r1-Serial1/0]ip add 1.1.1.1 24
[r1]local-user r1 class network
[r1-luser-network-r1]password simple admin
[r1-luser-network-r1]service-type ppp
[r1-luser-network-r1]quit
[r1]int s1/0
[r1-Serial1/0]ppp authentication-mode pap
[r1-Serial1/0]ppp pap local-user r2 password simple adminadmin
[r1-Serial1/0]shutdown
[r1-Serial1/0]undo shutdown
r2上的配置:
[H3C]sysname r2
[r2]local-user r2 class network
[r2-luser-network-r2]password simple adminadmin
[r2-luser-network-r2]service-type ppp
[r2-luser-network-r2]quit
[r2]int s1/0
[r2-Serial1/0]ip add 1.1.1.2 24
[r2-Serial1/0]ppp pap local-user r1 password simple admin
[r2-Serial1/0]shutdown
[r2-Serial1/0]undo shutdown
chap单向验证1:
r1上的配置,被验证方没有设置用户名密码(省略了接口IP地址配置):
[r1]local-user r1 class network
[r1-luser-network-r1]password simple admin
[r1-luser-network-r1]service-type ppp
[r1-luser-network-r1]quit
[r1]int s1/0
[r1-Serial1/0]ppp authentication-mode chap
[r1-Serial1/0]shutdown
[r1-Serial1/0]undo shutdown
r2上的配置
[r2]int s1/0
[r2-Serial1/0]ppp chap user r1
[r2-Serial1/0]ppp chap password simple admin
chap双向验证1:
r1,r2上的密码可以不一样
r1上的配置:
[r1]local-user r1 class network
[r1-luser-network-r1]password simple admin
[r1-luser-network-r1]service-type ppp
[r1-luser-network-r1]quit
[r1]int s1/0
[r1-Serial1/0]ppp authentication-mode chap
[r1-Serial1/0]ppp chap user r2
[r1-Serial1/0]ppp chap password simple adminadmin
[r1-Serial1/0]shutdown
[r1-Serial1/0]undo shutdown
r2上的配置:
[r2]local-user r2 class network
[r2-luser-network-r2]password simple adminadmin
[r2-luser-network-r2]service-type ppp
[r2-luser-network-r2]quit
[r2]int s1/0
[r2-Serial1/0]ppp authentication-mode chap
[r2-Serial1/0]ppp chap user r1
[r2-Serial1/0]ppp chap password simple admin
[r2-Serial1/0]shutdown
[r2-Serial1/0]undo shutdown
chap双向验证2:
r1,r2上的密码必须一样
r1上的配置
[r1]local-user r2 class network //将对端r2用户名密码加入本地用户列表
[r1-luser-network-r2]password simple admin
[r1-luser-network-r2]service-type ppp
[r1-luser-network-r2]quit
[r1]int s1/0
[r1-Serial1/0]ppp authentication-mode chap
[r1-Serial1/0]ppp chap user r1 //被验证方发送chap用户名
[r1-Serial1/0]undo shut
[r1-Serial1/0]undo shutdown
r2上的配置
[r2]local-user r1 class network //将对端r1用户名密码加入本地用户列表
[r2-luser-network-r1]password simple admin
[r2-luser-network-r1]service-type ppp
[r2-luser-network-r1]quit
[r2]int s1/0
[r2-Serial1/0]ppp authentication-mode chap
[r2-Serial1/0]ppp chap user r2 //被验证方发送chap用户名
[r2-Serial1/0]shutdown
[r2-Serial1/0]undo shutdown