The challenge packet of one-way chap authentication does not contain user_name, but that of two-way chap authentication does;
that is, both challenge and response packets in two-way chap authentication contain user_name.
In one-way chap authentication, the server transmits challenge packet first, at which point, the packet does not contain user_name; when the client echoes it with response packet, user_name is contain at the end of packet. The server looks up the corresponding username and password in local-host or radius according to user_name carried in response packet from the client; if it is correct, it returns success packet.
In two-way chap authentication, the server transmits challenge packet with user_name (take itself as client) contained at its end, and the following both response and success packets are the same to these in one-way chap authentication. However, since it is two-way chap authentication, both the server and client transmit challenge packet simultaneously and mutually. Noticeably, the user_names contained in both challenge and response packets sent by the same side are the same.
For results of packet capturing, see the attachment.