Filter
Top Products
B-3
Cisco 860 Series, Cisco 880 Series, and Cisco 890 Series Integrated Services Routers Software Configuration Guide
OL-18906-02
Appendix B Concepts
PPP Authentication Protocols
Enhanced IGRP
Enhanced IGRP is an advanced Cisco-proprietary distance-vector and link-state routing protocol, which
means it uses a metric more sophisticated than distance (hop count) for route selection. Enhanced IGRP
uses a metric based on a successor, which is a neighboring router that has a least-cost path to a
destination that is guaranteed not to be part of a routing loop. If a successor for a particular destination
does not exist but neighbors advertise the destination, the router must recompute a route.
Each router that is running Enhanced IGRP sends hello packets every 5 seconds to inform neighboring
routers that it is functioning. If a particular router does not send a hello packet within a prescribed period,
Enhanced IGRP assumes that the state of a destination has changed and sends an incremental update.
Because Enhanced IGRP supports IP, you can use one routing protocol for multiprotocol network
environments, minimizing the size of the routing tables and the amount of routing information.
PPP Authentication Protocols
The Point-to-Point Protocol (PPP) encapsulates network-layer protocol information over
point-to-point
links.
PPP originated as an encapsulation protocol for transporting IP traffic over point-to-point links. PPP also
established a standard for the assignment and management of IP addresses, asynchronous (start/stop)
and bit-oriented synchronous encapsulation, network protocol multiplexing, link configuration, link
quality testing, error detection, and option negotiation for such capabilities as network-layer address
negotiation and data-compression negotiation. PPP supports these functions by providing an extensible
Link Control Protocol (LCP) and a family of Network Control Protocols (NCPs) to negotiate optional
configuration parameters and facilities.
The current implementation of PPP supports two security authentication protocols to authenticate a PPP
session:
• Password Authentication Protocol (PAP)
• Challenge Handshake Authentication Protocol (CHAP)
PPP with PAP or CHAP authentication is often used to inform the central site which remote routers are
connected to it.
PAP
PAP uses a two-way handshake to verify the passwords between routers. To understand how PAP works,
imagine a network topology in which a remote office Cisco router is connected to a corporate office
Cisco router. After the PPP link is established, the remote office router repeatedly sends a configured
username and password until the corporate office router accepts the authentication.
PAP has the following characteristics:
• The password portion of the authentication is sent across the link in clear text (not scrambled or
encrypted).
• PAP provides no protection from playback or repeated trial-and-error attacks.
• The remote office router controls the frequency and timing of the authentication attempts.