No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E-M2 V800R010C10SPC500 Configuration Guide - WAN Access 01

This is NE40E-M2 V800R010C10SPC500 Configuration Guide - WAN Access

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Bidirectional CHAP Authentication

Example for Configuring Bidirectional CHAP Authentication

This section provides an example for configuring bidirectional CHAP authentication.

Networking Requirements

In Figure 8-6, Device A and Device B are required to authenticate each other in CHAP mode.

Figure 8-6 Networking diagram for bidirectional CHAP authentication
NOTE:
Interfaces 1 in this example is Lmpif0/1/0.

Precautions

None

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the local user lists on Device A and Device B.

  2. Configure the user names on the interfaces of Device A and Device B.

  3. Enable CHAP authentication on the interfaces of Device A and Device B.

Data Preparation

To complete the configuration, you need the following data:

  • User names of Device A and Device B

  • Passwords of Device A and Device B

  • IP address of the interface on Device A

  • IP address of the interface on Device B

NOTE:

Device A and Device B must use the same password; otherwise the authentication fails.

Procedure

  1. Configure Device A.

    # Add the user name and password of Device B to the local user list of Device A.

    <HUAWEI> system-view
    [~HUAWEI] sysname DeviceA
    [*HUAWEI] commit
    [~DeviceA] aaa
    [~DeviceA-aaa] local-user rtb password cipher Hello-456
    [*DeviceA-aaa] quit

    # Assign an IP address to Lmpif 0/1/0 and configure PPP as a link layer protocol of the interface.

    [~DeviceA] interface Lmpif 0/1/0
    [*DeviceA-Lmpif0/1/0] ip address 10.110.0.1 255.255.255.0
    [*DeviceA-Lmpif0/1/0] link-protocol ppp

    # Configure the user name and password of Device A.

    [*DeviceA-Lmpif0/1/0] ppp chap user rta
    [*DeviceA-Lmpif0/1/0] ppp chap password simple Huawei-123

    # Configure Device A to authenticate Device B in CHAP mode.

    [*DeviceA-Lmpif0/1/0] ppp authentication-mode chap
    [*DeviceA-Lmpif0/1/0] undo shutdown

    # Submit the configuration.

    [*DeviceA-Lmpif0/1/0] commit

  2. Configure Device B.

    # Add the user name and password of Device A to the local user list of Device B.

    <HUAWEI> system-view
    [~HUAWEI] sysname DeviceB
    [*HUAWEI] commit
    [*DeviceB] aaa
    [~DeviceB-aaa] local-user rta password cipher Hello-456
    [*DeviceB-aaa] quit

    # Assign an IP address to Lmpif 0/1/0 and configure PPP as a link layer protocol of the interface.

    [~DeviceB] interface Lmpif 0/1/0
    [~DeviceB-Lmpif0/1/0] ip address 10.110.0.2 255.255.255.0
    [*DeviceB-Lmpif0/1/0] link-protocol ppp

    # Configure the user name and password of Device B.

    [*DeviceB-Lmpif0/1/0] ppp chap user rtb
    [*DeviceB-Lmpif0/1/0] ppp chap password simple Huawei-123

    # Configure Device B to authenticate Device A in CHAP mode.

    [*DeviceB-Lmpif0/1/0] ppp authentication-mode chap
    [*DeviceB-Lmpif0/1/0] undo shutdown

    # Submit the configuration.

    [*DeviceB-Lmpif0/1/0] commit

  3. Verify the configuration.

    After completing the configurations, run the display interface command on each Router. The command output shows that the LCP status is opened. The following example uses command output on Device A.
    [~DeviceA] display interface Lmpif 0/1/0
    Lmpif0/1/0 current state : UP (ifindex: 15)
    Line protocol current state : UP
    Description: HUAWEI, Quidway Series, Lmpif0/1/0 Interface
    Route Port,The Maximum Transmit Unit is 1500
    Internet Address is 10.110.0.1/24
    Link layer protocol is PPP
    LCP opened, IPCP opened
    Current BW: 100 Mbits
    Statistics last cleared:never
        Last 300 seconds input rate 0 bits/sec, 0 packets/sec
        Last 300 seconds output rate 0 bits/sec, 0 packets/sec
        Input:  0 packets, 0 bytes
        Input error: 0 shortpacket, 0 longpacket, 0 CRC, 0 lostpacket
        Output: 0 packets, 0 bytes
        Output error: 0 lostpackets
        Output error: 0 overrunpackets, 0 underrunpackets

Configuration Files

  • Device A configuration file

    #
    sysname DeviceA
    #
    interface Lmpif0/1/0
     undo shutdown
     link-protocol ppp
     ip address 10.110.0.1 255.255.255.0
     ppp authentication-mode chap
     ppp chap user rta
     ppp chap password simple Huawei-123
    #
     aaa
     local-user rtb password cipher @%@%j]v~7%f[#S'W>j9zzM)3,*!u@%@%
    #
    return
  • Device B configuration file

    #
    sysname DeviceB
    #
    interface Lmpif0/1/0
     undo shutdown
     link-protocol ppp
     ip address 10.110.0.2 255.255.255.0
     ppp authentication-mode chap
     ppp chap user rtb
     ppp chap password simple Huawei-123
    #
     aaa
     local-user rta password cipher @%@%j]v~7%f[#S'W>j9zzM)3,*!u@%@%
    #
    return
Download
Updated: 2019-01-02

Document ID: EDOC1100058399

Views: 17859

Downloads: 67

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next