|
|
The following details define how the global bundle will use CHAP and PAP authentication for all incoming connections.
It may be necessary to use this attribute in the following cases:
Case | Description |
---|---|
Local host uses CHAP to authenticate the remote host. |
The specified name overrides the local host name in the outgoing challenge
and in the outgoing acknowledgment of success or failure.
For example, this allows you to configure local servers to use the same name when authenticating incoming connections. |
Remote host uses CHAP to authenticate the local host. | The specified name overrides the local host name in the outgoing response to a received challenge. This allows you to supply a name other than the local host name for the remote host to look up in its authentication database (unless it chooses to override it with a different name). |
Remote host uses PAP to authenticate the local host. |
The specified name overrides the local host name in the outgoing
authentication request.
This allows you to supply a name other than the local host name which
the remote host will use to look up a password in its authentication
database (unless it chooses to override the supplied name
with a different name).
The authentication database entry for the defined name must contain a PAP remote secret (password). |
It may be necessary to use this attribute in the following cases:
Case | Description |
---|---|
Local host uses CHAP to authenticate the remote host. |
PPP looks up a secret corresponding to the name so that
it can check the validity of a response value that it has received.
Normally, PPP would look for a secret corresponding to
the name supplied by the remote host in the incoming response.
For example, this allows you to configure a single name-secret pair
for authenticating several remote systems or users.
The authentication database entry for the defined name must contain a CHAP local secret. PPP uses the secret and the value that it sent in its challenge to calculate a value that it can compare with the response value that it has received from the peer. If the calculated value and the response value are the same, the remote host is authentic. |
Remote host uses CHAP to authenticate the local host. |
PPP looks up a secret corresponding to the name so that
it can calculate a response value and send it to the remote host.
Normally, PPP would look for a secret corresponding to
the name supplied by the remote host in the incoming challenge.
The authentication database entry for the defined name must contain a CHAP remote secret. PPP uses the secret and the value that it received in the challenge packet to calculate the value in the response packet that it sends to the remote authenticator. |
Local host uses PAP to authenticate the remote host. |
PPP uses the specified name to look up a password
to check against the one it has received in an authentication request.
Normally, PPP would look up a password for the name
supplied by the remote host in the incoming authentication request.
For example, this allows you to configure a single name-password pair
for authenticating several remote systems or users.
The authentication database entry for the defined name must contain a PAP local secret (password). |
Remote host uses PAP to authenticate the local host. |
PPP looks up a secret (password) corresponding to the
specified name and sends this in an authentication request to the
remote host. Normally, the name that is transmitted in the request
(the local host name which may also be overridden)
would be used to look up the secret.
The authentication database entry for the defined name must contain a PAP remote secret (password). |