blog
    How does the "ppp chap pa ...
    27 December 07

    How does the "ppp chap password" command work?

    Posted byBrian McGahan
    facebooktwitterlinkedin
    news-featured

    Unlike PAP, CHAP does not actually send a password over the line. Instead, a hash value made up of the password and magic number is sent. Unless the hash matches from both authenticating parties, authentication is not successful.


    By default, the router sends it's hostname for authentication when using chap. The router on the other side does a lookup in its local database, radius server, or tacacs server, and finds the password that is paired with that username. If there is no matching username in the database, the password specified with the interface level command 'ppp chap password' is used as the default password.


    Suppose you have a central office that has many remote clients dialing into it. If you don't want to create an entry in the user database for each remote client, you can just specify a default password with 'ppp chap password'. As long as the remote clients have an entry for the central site in their user database, authentication will be successful.

    Hey! Don’t miss anything - subscribe to our newsletter!

    © 2022 INE. All Rights Reserved. All logos, trademarks and registered trademarks are the property of their respective owners.
    instagram Logofacebook Logotwitter Logolinkedin Logoyoutube Logo