Manualshelf

HP VPN Firewall Appliances Network Management Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
131132133134135136137138139140
111
with a username. HP recommends that you configure a username for the authenticator, which
makes it easier for the peer to verify the identity of the authenticator.
CHAP transmits usernames but not passwords over the network; or rather, it does not directly
transmit passwords and transmits the result calculated from the password and random packet ID
by using the MD5 algorithm. Therefore, it is more secure than PAP.
MS-CHAP—MS-CHAP is a three-way handshake authentication.
MS-CHAP differs from CHAP as follows:
{ MS-CHAP is enabled by negotiating CHAP Algorithm 0x80 in LCP option 3, Authentication
Protocol.
{ MS-CHAP provides authentication retry. With this mechanism, if the peer fails authentication, it
is allowed to retransmit authentication information to the authenticator for reauthentication. The
authenticator allows the peer to retransmit three times.
MS-CHAP-V2—MS-CHAP-V2 is a three-way handshake authentication protocol.
MS-CHAP differs from CHAP as follows:
{ MS-CHAP-V2 is enabled by negotiating CHAP Algorithm 0x81 in LCP option 3, Authentication
Protocol.
{ MS-CHAP-V2 provides two-way authentication by piggybacking a peer challenge on the
Response packet and an authenticator response on the Acknowledge packet.
{ MS-CHAP-V2 supports authentication retry. With this mechanism, if the peer fails authentication,
it is allowed to retransmit authentication information to the authenticator for reauthentication.
The authenticator allows the peer to retransmit three times.
{ MS-CHAP-V2 supports password changing. If the peer fails authentication because of an
expired password, it will send the new password entered by the user to the authenticator for
reauthentication.
Configuring PPP
PPP configuration task list
Task Remarks
Enabling PPP encapsulation on an interface Required.
Configuring PPP authentication Optional.
Configuring the polling interval Optional.
Configuring PPP negotiation Optional.
Enabling PPP traffic statistics collection Optional.
Enabling extended PPP traffic statistics collection Optional.
Configuring PPP user binding Optional.