PPPoE with PAP ・authentication with clear text

【pppoe_client】 interface FastEthernet0/0 no ip address speed auto duplex auto pppoe enable group global pppoe-client dial-pool-number 1

interface Dialer1 ip address negotiated encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication pap callin ppp pap sent-username test@cisco.com password 0 CCIE ! ip route 0.0.0.0 0.0.0.0 Dialer1 permanent 【pppoe_server】 aaa new-model aaa session-id common multilink bundle-name authenticated vpdn enable username test@cisco.com password 0 CCIE bba-group pppoe global virtual-template 1 bba-group pppoe test virtual-template 1 interface Loopback0 ip address 8.8.8.8 255.255.255.0 interface FastEthernet0/1 no ip address speed auto duplex auto pppoe enable group test interface Virtual-Template1 ip address 200.200.200.50 255.255.255.0 peer default ip address pool test1 ppp authentication pap ip local pool test1 200.200.200.200 Verify and Packet capture pppoe_client(config)#int f0/0 pppoe_client(config-if)#shut pppoe_client#debug ppp authentication PPP authentication debugging is on pppoe_client(config)#int f0/0 pppoe_client(config-if)#no shut pppoe_client# *Jun 6 11:09:50.275: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Jun 6 11:09:51.187: %SYS-5-CONFIG_I: Configured from console by console *Jun 6 11:09:51.275: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up *Jun 6 11:10:06.659: %DIALER-6-BIND: Interface Vi2 bound to profile Di1 *Jun 6 11:10:06.683: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up *Jun 6 11:10:07.183: Vi2 PPP: Using dialer call direction *Jun 6 11:10:07.187: Vi2 PPP: Treating connection as a callout *Jun 6 11:10:07.191: Vi2 PPP: Session handle[A8000001] Session id[1] *Jun 6 11:10:07.319: Vi2 PPP: No authorization without authentication *Jun 6 11:10:07.323: Vi2 PAP: Using hostname from interface PAP *Jun 6 11:10:07.327: Vi2 PAP: Using password from interface PAP *Jun 6 11:10:07.327: Vi2 PAP: O AUTH-REQ id 1 len 24 from "test@cisco.com" *Jun 6 11:10:08.211: Vi2 PAP: I AUTH-ACK id 1 len 5 *Jun 6 11:10:08.371: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up pppoe_client#show ppp all Interface/ID OPEN+ Nego* Fail- Stage Peer Address Peer Name ------------ --------------------- -------- --------------- -------------------- Vi2 LCP+ IPCP+ CDPCP- LocalT 200.200.200.50 pppoe_client#show pppoe session 1 client session Uniq ID PPPoE RemMAC Port VT VA State SID LocMAC VA-st Type N/A 1 ca01.0674.0006 Fa0/0 Di1 Vi2 UP ca00.1d5c.0008 UP pppoe_client#show ip int bri Interface IP-Address OK? Method Status Protocol FastEthernet0/0 unassigned YES NVRAM up up (omit) Dialer1 200.200.200.200 YES IPCP up up Virtual-Access1 unassigned YES unset up up Virtual-Access2 unassigned YES unset up up pppoe_client#show ip route (omit) Gateway of last resort is 0.0.0.0 to network 0.0.0.0 S* 0.0.0.0/0 is directly connected, Dialer1 200.200.200.0/32 is subnetted, 2 subnets C 200.200.200.50 is directly connected, Dialer1 C 200.200.200.200 is directly connected, Dialer1 pppoe_client#ping 200.200.200.50 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 200.200.200.50, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 60/100/148 ms pppoe_client#ping 8.8.8.8 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 88/105/124 ms

PAP exchanges password in clear text .

#WAN #PAP #PPPoE