网络系统集成课程设计(-PPP的PAP和CHAP认证).docx
9页
姓名: 班级: 学号: 年级: 12级指导老师:成果:信息学院 网络系统集成课程实践 试验报告试验名称 PPP的PAP和CHAP认证试验日期:2015年04月15日一、 试验目的:驾驭PPP PAP认证和PPP CHAP认证的过程及配置二、 试验内容(1)在路由器上配置PPP PAP认证;(2)在路由器上配置PPP CHAP认证三、 试验要求(1)写出在路由器上配置PPP PAP认证的过程;(2)写出在路由器上配置PPP CHAP认证的过程四、 试验设备(1) 路由器Router-2811两台; (2) DCE串口线五、 试验步骤(一)PPP PAP认证(本试验要求配置路由器R1和路由器R2双向PAP验证)试验网络拓补结构设计1、配置路由器R1R1>enableR1#conf tEnter configuration commands, one per line. End with CNTL/Z.R1(config)#username R2 password cisco //以对方的主机名作为用户名,密码和对方路由器一样,在验证方配置被验证方用户名密码R1(config)#int loop0R1(config-if)#int s 0/3/0R1(config-if)#encapsulation ppp //接口下封装数据链路层PPP协议R1(config-if)#ppp authentication pap //PPP启用PAP认证方式R1(config-if)#ppp pap sent-username R1 password cisco//PAP认证的用户名、密码R1(config-if)#no shutdownR1(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to upR1(config-if)#exitR1(config)#exitR1#%SYS-5-CONFIG_I: Configured from console by console2、配置路由器R2Router>enableRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#hostname R2R2(config)#username R1 password cisco //以对方的主机名作为用户名,密码和对方路由器一样,在验证方配置被验证方用户名密码R2(config)#int loop0R2(config-if)#%LINK-5-CHANGED: Interface Loopback0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to upR2(config-if)#int s 0/3/0R2(config-if)#encapsulation ppp //接口下封装数据链路层PPP协议R2(config-if)#ppp authentication pap //PPP启用PAP认证方式R2(config-if)#ppp pap sent-username R2 password cisco//PAP认证的用户名、密码R2(config-if)#no shutdownR2(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to upR2(config-if)#%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to upR2(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to down%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to down%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to up3、配置完成Router1和Router2后,在Router1上进行测试R1#debug ppp authentication//打开PPP认证调试PPP authentication debugging is onR1#conf tEnter configuration commands, one per line. End with CNTL/Z.R1(config)#int s 0/3/0R1(config-if)#shutdownR1(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to administratively down%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to downR1(config-if)#no shutdown//端口关闭之后再打开,就可以看到PAP认证的重新建立过程R1(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to upSerial0/3/0 Using hostname from interface PAPSerial0/3/0 Using password from interface PAPSerial0/3/0 PAP: O AUTH-REQ id 17 len 15Serial0/3/0 PAP: Phase is FORWARDING, Attempting ForwardSerial0/3/0 PAP: I AUTH-REQ id 17 len 15Serial0/3/0 PAP: Authenticating peerSerial0/3/0 PAP: Phase is FORWARDING, Attempting ForwardSerial0/3/0 Using hostname from interface PAPSerial0/3/0 Using password from interface PAPSerial0/3/0 PAP: O AUTH-REQ id 17 len 15Serial0/3/0 PAP: Phase is FORWARDING, Attempting Forward%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to up4、查看网络拓补图从图上可以看出,路由器之间已经联通5、当R1和R2密码不一样时,再次进行测试R1(config)#int s 0/3/0R1(config-if)#no ppp pap sent-username R1 password cisco//修改路由器R1上的密码,是路由器R1和R2的密码不一样,可以看到,认证将失败R1#debug ppp authenticationPPP authentication debugging is onR1#conf tEnter configuration commands, one per line. End with CNTL/Z.R1(config)#int s 0/3/0R1(config-if)#shutdownR1(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to administratively down%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to downR1(config-if)#no shutdown当发出no shutdown吩咐时,出现了死循环,用Ctrl+c强制退出并用end结束。
6、检查网络拓补图由此可以看出,当两个路由器密码不一样时,两路由器无法联通二) PPP CHAP认证网络试验拓补结构1、 配置路由器R1Router>enableRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#hostname R1R1(config)#username R2 password ciscoR1(config)#int loop0R1(config-if)#%LINK-5-CHANGED: Interface Loopback0, changed state to up%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to upR1R1(config-if)#int s 0/3/0R1R1(config-if)#encapsulation pppR1(config-if)#ppp authentication chapR1(config-if)#ppp pap sent-username R1 password ciscoR1(config-if)#no shutdown%LINK-5-CHANGED: Interface Serial0/3/0, changed state to downRouter(config-if)#%LINK-5-CHANGED: Interface Serial0/3/0, changed state to up2、 配置路由器R2Router>enableRouter#conf tEnter configuration commands, one per line. End with CNTL/Z.Router(config)#hostname R2R2(config)#username R1 password cis。
