Ppp Over Serial

by
  1. Lwip Ppp Over Serial
  2. Ppp Over Serial Windows 10
  3. Ppp Over Serial Port Linux
  4. Wiki Ppp

* PPP over serial using HDLC-like framing, such as wired dialup modems or mobile telecommunications GPRS/EDGE/UMTS/HSPA+/LTE modems * PPP over Ethernet, such as xDSL modems. Oct 17, 2016  I am new PPP over serial port driver and how to configure ppp over serial Can you please tell me the steps to create ppp connection in pc. Please share ur ideas. Best & Regards, shankar.

  • PPP (Point-to-Point Protocol) is the most widely used method for transporting IP packets over a serial link between the user and the Internet Service Provider (ISP). Although PPP is primarily used over dialup lines, variants such as PPoE (PPP over Ethernet ) and PPoA (PPP over ATM) extend PPP to new data-link layer protocols.
  • Point-to-Point Protocol (PPP) PPP is used to transfer IP and other packet based traffic through a serial line. It can also be encapsulated over Ethernet with PPP-over-Ethernet (PPPoE) and over ATM with PPP-over-ATM (PPPoA); these are used by many ISP's (Internet Service Providers) for broadband Internet access.

This tutorial explains basic concepts of PPP, PPP encapsulation, PPP authentication PAP, PPP authentication CHAP and how to configure PPP protocol on Cisco router step by step.

Overview of PPP Protocol

  • PPP was built in 1990 as open standard protocol.
  • Since it is based on open standard, it will run with all vendors.
  • It works with Asynchronous serial connection, Synchronous serial connection, High-Speed Serial Interfaces (HSSI) and ISDN interfaces (BRI and PRI).
  • It provides dynamic addressing, authentication, callback and compression facilities.
  • It can encapsulate multiple network layer protocols to pass over the same link.
  • It can perform error detection, correction and quality check of link.
  • It can build single logical connection over multiple physical connections.

This tutorial is the third part of our article ' WAN Terminology Explained with Encapsulation Protocols and Methods '. You can read other parts of this article here.

This tutorial is the first part of article. This part explains basic wan concepts including terminology, encapsulation methods, switching concepts and encapsulation protocols in detail with example.

This tutorial is the second part of the article. This part explains HDLC (High-Level Data Link Control) protocol and encapsulation method in detail with examples including step by step configuration guide.

This tutorial is the fourth part of the article. This part explains basic concepts of Frame Relay such as LMI Types, DLCI, Access Rate, CIR rate, PVC, SVC and network type in easy language.

This tutorial is the last part of the article. This part provide step by step guide on how to configure Frame Relay in Cisco routers.

Basic concepts of PPP Protocol

PPP is built from three components; Framing, LCP and NCP. In this section we will take a closer look at these components.

PPP Framing (Encapsulation)

PPP Framing defines how network layer packets are encapsulated in PPP frame. As we know PPP can carry multiple Layer 3 protocols over a single link. To support multiple network layer protocols PPP uses Protocol Type filed in header. Following figure illustrates PPP framing

LCP (Link Control Protocol)

Monster girl quest part 3 download. This is the second component of PPP. PPP uses it to build and maintain data-link connections. It provides following options:-

Authentication:- LCP provides two types of authentication; PAP and CHAP. (Explained shortly in next section)

Compression:- Through compression LCP increases overall data transmission speed while saving bandwidth at the same time. It compression data at sending end and decompress data at receiving end.

Error Detection:- LCP uses LQM (Link Quality Monitoring ) tool to detect the interface that is exceeding threshold error percentage. Once faulty interface is identified, LCP will disable that interface and reroute the traffic from better route.

Looped Link Detection:- LCP uses magic number to detect looped link. Once looped link is detected LCP will disable that interface and reroute the traffic over the working link.

Multilink:- In this option multiple physical links are combined in a single logical connection at layer three. For example if we have two 64Kbps lines then this option can combine them in such a way that they appear as a single 128Kbps connection at layer 3.

Call Back :- In this option remote side router will call back to calling router. For example we have two routers; R1 and R2 with callback enabled. In this case, R1 will connect with R2 and authenticate itself. Once authentication process is completed, R2 will terminate the connection and then re-initiate the connection from its side. This way R1 will be charged only for the data that is used during the authentication process while R2 will be charged for remaining data transmission.

NCP (Network Control Protocol)

This is the third component of PPP. PPP uses NCP (Network Control Protocol) to allow multiple Network layer protocols (such as IPv4, IPv6, IPX) to be used in a single point to point connection.

PPP is specified at the physical and Data Link layers only. Don’t confuse with NCP component. NCP component is only used to carry multiple Network Layer protocols simultaneously across the single point to point link. PPP is neither specified as layer 3 protocol nor it works as layer 3 (network layer) protocol.

PPP Authentication

PPP Authentication is the method of identifying remote device. Through authentication we can find out whether remote party is genuine or imposter. For example there are two routers (R1 and R2) communicating over a serial link. Now R1 has some data for R2. But before sending this data, R1 want to be sure that remote device which is claiming itself as R2, is real R2. In this case R1 will initiate authentication process. In authentication process R2 will prove its identity. PPP supports two authentication protocols; PAP and CHAP.

PAP (Password Authentication Protocol)

In this protocol, password is sent in clear text format that makes it less secure in comparison with CHAP. PAP authentication is a two steps process. In step one, Router that want to be authenticate will send its user name and password to the Router that will authenticate it. In second step, if user name and password match, remote router will authenticate originating router otherwise authentication process will be failed. Following figure illustrate this process in detail

In step one, R1 sends user name and password in clear text format to R2 which will authenticate R1.

In step two, R2 will match received username and password with locally stored username and password. If both credential match, R2 will assume that R1 is real R1. R2 will send back an acknowledgment to R1 stating that it has passed authentication process and R2 is ready for data transmission.

PAP authentication is only performed upon the initial link establishment. Once link is established, no more sequential authentication are done for that particular session. PAP sends user name and password in clear text format. Username and password are case sensitive.

CHAP (Challenge Handshake Authentication Protocol)

CHAP is used at initial startup and once link is established, sequential authentication are performed to make sure that router is still communicating with same host. If any sequential authentication is failed, connection will be terminated immediately. CHAP authentication is a three steps process.

Step1

In first step R1 (Source) sends its username (without password) to the R2 (Destination).

Lwip Ppp Over Serial

Step2

  • Routers running CHAP need to maintain a local authentication database. This database contain a list of all allowed hosts with their login credential.
  • R2 will scan this database to find out whether R1 is allowed to connect with it or not.
  • If no entry for a particular host is found in database then that specific host is not allowed to connect with it. In such a case connection will be terminated at this point.
  • A database entry for R1 (with password) will confirm that R1 is allowed to connect with it. R1’s password would be picked up for next process.
  • At this moment a random key will be generated.
  • This random key with password will be passed in MD5 hashing function.
  • MD5 hashing function will produce a hashed value from given input (Random Key + Password).
  • This hashed value is known as Challenge.
  • R2 will send this Challenge with random key back to R1.

Step3

  • R1 will receive hashed value (Challenge) and a random key.
  • R1 will pass received random key and locally stored password in MD5 hashing function.
  • MD5 hashing function will produce a hashed value from given input (Random Key + Password).
  • Now R1 will compare this hashed value (generated from MD5 hashed function) with received hashed value from R2.
  • If both hashed value do not match, process will be terminated and connection will be rejected.
  • If both hashed values (locally generated and received) match, R1 will assume that password used by remote router (R2) must have been same as password used by itself. Thus R2 is real R2 and permission for this connection can be granted.
  • R1 will update R2 about authentication result with Accepted or Rejected acknowledgement signal.

CHAP uses one way hash algorithm (MD5) to generate a hashed value. Fusionfall legacy demo download. This hashed value is valid only for one time. So you need not to worry about those users who intentionally make a copy of this hashed value for later use. In CHAP authentication actual password is never sent across the link. So anybody tapping the wire will never be able to reverse the hash to know the original password.

CHAP uses three way handshake process to perform the authentication. In CHAP protocol actual password is never sent across the link. CHAP uses a hashed value for authentication that is generated from MD5 hashed function. MD5 uses locally store password and a random key to generate hashed value. This hashed value is valid only for one time.

Differences between PAP and CHAP authentication protocol

PAPCHAP
Perform authentication in two steps. Perform authentication in three steps.
Username and password are sent across the link. Only username is sent across the link.
Actual password is sent across the link. Actual password is never sent across the link.
Password is sent in clear text format. Password is hashed with a random key through the MD5 hashed function.
It is a less secure authentication protocol. Anyone tapping the wire can learn password. It is a secure authentication protocol. Since actual password is never sent across the wire, no one can learn password from wire-tapping.
PAP authentication is performed only at initial link establishment. CHAP authentication is performed at initial startup and if required, any time during the session.

Configure PPP Protocol on Cisco Router

Configuration of PPP encapsulation is simple and straightforward. Following command is used to configure the PPP encapsulation.

Let’s understand this process in detail with following example.

In above network two routers are connected with each other via serial link. Serial interfaces are essentially configured with following configuration on both routers.

R1
R2

At this time both routers are running default encapsulation in serial interface. HDLC is the default encapsulation protocol in Cisco routers. I have already explained HDLC in detail with example in second part of this article.

Okay lets change default encapsulation to PPP with following command.

R1
R2

Router(config)#interface serial 0/0/0 :- This command is used to enter in serial interface. Encapsulation is interface specific. We can use different encapsulation protocols in different interfaces. For example we can use PPP in serial 0/0/0 and HDLC in serial 0/0/1.

Router(config-if)# encapsulation ppp :- This command would set encapsulation protocol to PPP.

Router(config-if)#exit :- This command is used to return back in global configuration mode.

Router(config)# :- This command prompt indicates that we are in global configuration mode.

Configure PPP Authentication

PPP authentication requires two essential parameters:-

  1. Unique hostname of local router
  2. Username and password of remote router

Hostname of local router

To set hostname we can use hostname global configuration command. Let’s assign unique hostname to our routers

R1
R2

Username and password of remote router

To set username and password for remote router following global configuration mode command is used

Username is the hostname of remote router that will connect with this router. Hostname and password is case sensitive. Router stores password in clear text format that can be viewed with show running-config command.

Let’s set username and password in our example

R1
R2

Passwords assigned through the username [hostname of remote device] password [password] command would be save in running configuration as clear text format and could be viewed via show run command. To encrypt it use service password-encryption command from global configuration mode. Username and password is case sensitive. Username is the hostname of remote router that will connect with this router. Remote routers must also be configured with username and password. Password must be same on both routers.

PPP Protocol PAP Authentication

To configure PAP authentication use following commands on both routers

R1
R2

PPP Protocol CHAP Authentication

To configure CHAP authentication use following commands on both routers

R1
R2

Configure Both CHAP and PAP in same link

To configure both CHAP and PAP in same link use following commands on both routers

Ppp Over Serial Windows 10

R1
R2

If we use both methods on the same link as shown above then only the first method will be used in authentication process. Second method will be used only if first method fails. Thus second method will work as backup method.

Verifying PPP Protocol implementation

We can use show interface [interface] command to verify the PPP implementation.

Ppp Over Serial Port Linux

As output indicates encapsulation is set to PPP in this interface.

Troubleshooting / Debugging PPP Authentication

In this last section I will discuss some essential troubleshooting steps for PPP. When something went wrong, we should start debugging from the output of show interface [interface] command.

First line from output provides some clues about possible issue.

Wiki Ppp

Line Status Protocol Status Possible Reason Possible solution
Administratively Down Down Interface is shutdown Use no shutdown command from sub-interface mode
Down Down Physical layer issue. Check cable, connector and other connecting devices.
UP Down Data Link Layer issue. Check configuration.

In above example its “Serial 0/0/0 is up, line protocol is down” which indicates that physical layer is working properly but there is some issue in data link layer configuration.

Next, notice the states of LCP, IPCP and CDPCP. A Closed state for these indicates that something is wrong with LCP setup process, causing data link layer to fail. In rest of this tutorial I will explain some common causes for data link failure.

Mismatched WAN Encapsulation

In point to point link, encapsulation method at both ends must be same otherwise link will never come up. This problem is easy to find and fix. The show interfaces [interface] command will the list the encapsulation type.

Once you identify the problem, it can be fixed easily. Simply reconfigure the one end’s interface to match with other end’s encapsulation method.

Mismatched IP configuration

This problem is not directly associated with PPP configuration but can be tricky one question in exam. This problem cannot be spotted from show interface [interface] command as the output of this command will show “Serial 0/0/0 is up, line protocol is up” that makes you assume that everything is fine and operational at interface level. But when you try to ping remote router it gets fail. This is because PPP, HDLC and Frame Relay are layer 2 protocols and they don’t care about layer 3 configuration (IP Configuration). So even link is up, you cannot transfer the IP packets.

To fix this problem configure IP addresses in both ends from same subnet.

Debug PPP Authentication

To determine whether issue is related with PPP authentication or not, we can use debug ppp authentication command. If PPP encapsulation and authentication are setup correctly then this command will display output like this :

But if something wrong during authentication process output would look like this:-

If username and password are not configure exactly as they should be then authentication will be failed.

To fix this problem configure username and password in proper way. Remember that username and password are case sensitive.

Another thing that you should notice is authentication type that must be same in both ends. If you configure one end to use PAP while another end to use CHAP then that link would never work.

To fix this problem change authentication type in one end to match with other end.

That’s all for this part. In next part I will explain basic concepts of frame really in detail with examples.