1 / 38

Any Questions?

Any Questions?. Chapter 12- Point-to-Point WANs. PPP Concepts PPP Configuration Troubleshooting Serial Links. Pg 402. Do I know this?. Go through the Quiz- 5 minutes. 1. Which of the following PPP authentication protocols authenticates a device on the

jayme
Download Presentation

Any Questions?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Any Questions?

  2. Chapter 12-Point-to-Point WANs • PPP Concepts • PPP Configuration • Troubleshooting Serial Links Pg 402

  3. Do I know this? Go through the Quiz- 5 minutes

  4. 1. Which of the following PPP authentication protocols authenticates a device on the other end of a link without sending any password information in clear text? a. MD5 b. PAP c. CHAP d. DES

  5. 1. Which of the following PPP authentication protocols authenticates a device on the other end of a link without sending any password information in clear text? a. MD5 b. PAP c. CHAP d. DES Answer: C

  6. 2. Which of the following PPP protocols controls the operation of CHAP? a. CDPCP b. IPCP c. LCP d. IPXCP

  7. 2. Which of the following PPP protocols controls the operation of CHAP? a. CDPCP b. IPCP c. LCP d. IPXCP Answer: C

  8. 3. Two routers have no initial configuration whatsoever. They are connected in a lab using a DTE cable connected to R1 and a DCE cable connected to R2, with the DTE and DCE cables then connected to each other. The engineer wants to create a working PPP link. Which of the following commands are required on R1 for the link to reach a state in which R1 can ping R2’s serial IP address, assuming that the physical back-to-back link physically works? a. encapsulation ppp b. no encapsulation hdlc c. clock rate d. ip address

  9. 3. Two routers have no initial configuration whatsoever. They are connected in a lab using a DTE cable connected to R1 and a DCE cable connected to R2, with the DTE and DCE cables then connected to each other. The engineer wants to create a working PPP link. Which of the following commands are required on R1 for the link to reach a state in which R1 can ping R2’s serial IP address, assuming that the physical back-to-back link physically works? a. encapsulation ppp b. no encapsulation hdlc c. clock rate d. ip address Answer: A & D

  10. 4. Imagine that two routers, R1 and R2, have a leased line between them. Each router had its configuration erased and was then reloaded. R1 was then configured with the following commands: hostname R1 interface s0/0 encapsulation ppp ppp authentication chap Which of the following configuration commands can complete the configuration on R1 so that CHAP can work correctly? Assume that R2 has been configured correctly and that the password is fred. a. No other configuration is needed. b. ppp chap (global command) c. username R1 password fred d. username R2 password fred e. ppp chap password fred

  11. 4. Imagine that two routers, R1 and R2, have a leased line between them. Each router had its configuration erased and was then reloaded. R1 was then configured with the following commands: hostname R1 interface s0/0 encapsulation ppp ppp authentication chap Which of the following configuration commands can complete the configuration on R1 so that CHAP can work correctly? Assume that R2 has been configured correctly and that the password is fred. a. No other configuration is needed. b. ppp chap (global command) c. username R1 password fred d. username R2 password fred e. ppp chap password fred Answer: D

  12. 5. Consider the following excerpt from the output of a show command: Serial0/0/1 is up, line protocol is up Hardware is GT96K Serial Internet address is 192.168.2.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Open Open: CDPCP, IPCP, loopback not set Which of the following are true about this router’s S0/0/1 interface? a. The interface is using HDLC. b. The interface is using PPP. c. The interface currently cannot pass IPv4 traffic. d. The link should be able to pass PPP frames at the present time.

  13. 5. Consider the following excerpt from the output of a show command: Serial0/0/1 is up, line protocol is up Hardware is GT96K Serial Internet address is 192.168.2.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, LCP Open Open: CDPCP, IPCP, loopback not set Which of the following are true about this router’s S0/0/1 interface? a. The interface is using HDLC. b. The interface is using PPP. c. The interface currently cannot pass IPv4 traffic. d. The link should be able to pass PPP frames at the present time. Answer: B & D

  14. 6. Consider the following excerpt from the output of a show interfaces command on an interface configured to use PPP: Serial0/0/1 is up, line protocol is down Hardware is GT96K Serial Internet address is 192.168.2.1/24 A ping of the IP address on the other end of the link fails. Which of the following are reasons for the failure, assuming that the problem listed in that answer is the only problem with the link? a. The CSU/DSU connected to the other router is not powered on. b. The IP address on the router at the other end of the link is not in subnet 192.168.2.0/24. c. CHAP authentication failed. d. The router on the other end of the link has been configured to use HDLC. e. None of the other answers is correct.

  15. 6. Consider the following excerpt from the output of a show interfaces command on an interface configured to use PPP: Serial0/0/1 is up, line protocol is down Hardware is GT96K Serial Internet address is 192.168.2.1/24 A ping of the IP address on the other end of the link fails. Which of the following are reasons for the failure, assuming that the problem listed in that answer is the only problem with the link? a. The CSU/DSU connected to the other router is not powered on. b. The IP address on the router at the other end of the link is not in subnet 192.168.2.0/24. c. CHAP authentication failed. d. The router on the other end of the link has been configured to use HDLC. e. None of the other answers is correct. Answer: C&D

  16. 7. Two routers have a serial link between them, with the link configured to use PPP, and with EIGRP configured correctly for all interfaces. The engineer can ping the IP address on the other end of the link, but not the IP address of the other router’s LAN interface. Which of the following answers is a likely cause of the problem? a. The CSU/DSU connected to the other router is not powered on. b. The serial IP address on the router at the other end of the link is not in the same subnet as the local router. c. CHAP authentication failed. d. The router on the other end of the link has been configured to use HDLC.

  17. 7. Two routers have a serial link between them, with the link configured to use PPP, and with EIGRP configured correctly for all interfaces. The engineer can ping the IP address on the other end of the link, but not the IP address of the other router’s LAN interface. Which of the following answers is a likely cause of the problem? a. The CSU/DSU connected to the other router is not powered on. b. The serial IP address on the router at the other end of the link is not in the same subnet as the local router. c. CHAP authentication failed. d. The router on the other end of the link has been configured to use HDLC. Answer: B

  18. Any Questions?

  19. PPP Concepts • Definition of a header and trailer that allows delivery of a data frame over the link • Support for both synchronous and asynchronous links • A protocol type field in the header, allowing multiple Layer 3 protocols to pass over the same link • Built-in authentication tools: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) • Control protocols for each higher-layer protocol that rides over PPP, allowing easier integration and support of those protocols Pg 436

  20. PPP Protocol Field • PPP Supports multiple protocol types because of the TYPE field Pg 436

  21. PPP Link Control Protocol • PPP Link Control Protocol (LCP) implements the control functions that work the same regardless of Upper layer protocols Pg 437

  22. Looped Link Detection • If Telco has circuit linked • PPP LCP messages include a MAGIC NUMBER • If router sees it’s own magic number in a packet, it know the system is looped • Shutdown interface Pg 438

  23. Error Detection-LQM • Frame Check Sequence Field • If error detected, frame is discarded • System Monitors the errors-Link Quality Management (LQM) • System can shut down interaface if too many errors detected Pg 439

  24. PPP Multilink • System can Bind multiple PPP links together and treat as a single link • Less entries in Routing table • Similar to using two dial-up connections for faster access before DSL/Cable Modem • Provides for better load balancing • Packets will get fragmented for better balance Pg 439

  25. PPP Authentication • Built in function of PPP • Two Authentication Methods • PAP • Clear text exchange of information • CHAP • Challenge Handshake Protocol-Use MD5 • Use Encryption so there is never a chance of sniffing out useful information Pg 440

  26. PPP Authentication Pg 441

  27. PPP Configuration • Serial interface subcommands • Encapsulation ppp • Clock Rate command on the DCE side Pg 436

  28. Any Questions?

  29. CHAP Configurations • Step 1 Configure the routers’ hostnames using the hostname name global configuration command. • Step 2 Configure the name of the other router, and the shared secret password, using the username name password password global configuration command. • Step 3 Enable CHAP on the interface on each router using the ppp authentication chap interface subcommand. Pg 443

  30. PAP or CHAP Configuration • Ppp authentication pap • Can configure multiple authentication methods • Ppp authentication chap pap • Use chap first • If chap fails, use pap Pg 444

  31. Serial Link Troubleshooting Pg 445

  32. LAYER 1 problems • The leased line is down (a telco problem). • The line from the telco is not plugged in to either or both CSU/DSUs. • A CSU/DSU has failed or is misconfigured. • A serial cable from a router to its CSU/DSU is disconnected or faulty. • Don’t forget clock rate Pg 446

  33. Layer 2 Issues Pg 447

  34. Keepalives • PPP will send keepalives every 10 seconds • Make sure the signaling is correct • No keepalive, ppp will shut down interface Pg 448

  35. Any Questions?

  36. Authentication Failure • Debug ppp authentication • See the challende • See the response sent • See success • If failure • *May 21 18:24:03.171: Se0/0/1 PPP: Received LOGIN Response FAIL • *May 21 18:24:03.171: Se0/0/1 CHAP: O FAILURE id 15 len 25 msg is “Authentication failed” Pg 449

  37. Layer 3 Problems • Check that system is UP/UP • If ping doesn’t work and interface is up/up • Check IPs • PPP can override the IP configured • Will announce it’s actual IP with the /32 prefix • Can ping the actual configured address even if it is off the subnet Pg 450

  38. Any Questions?

More Related