Wednesday, May 8, 2013

How to configure PPP authentication

I would like to explain in this article how to configure PPP authentication between two routers.
First, I would like to invite all job seekers to post their CV in https://www.security-architecture.com/. Our website is free not only for employees but also for employers.

Let's take a look first at our diagram:

As you see in the image, we have 2 routers connected through serial point-to-point interfaces. The subnet is 192.168.13.0/24.
R3 must authenticate R1, means in order for router R3 to accept PPP connection with router R1, R1 must proove his identity to router R3. And let's say that Router R3 will authenticate R1 by PAP authentication

Let us start with first basic ppp connectivity

Router R3
sh run int s0/0/1
interface Serial0/0/1
ip address 192.168.13.3 255.255.255.0
encapsulation ppp
end


router R1
show run int s0/1/0
interface Serial0/1/0
ip address 192.168.13.1 255.255.255.0
encapsulation ppp
clock rate 2000000
end


So as we said the authentication is PAP, and it is local (means when R3 wants to authenticate router R1, R3 will look in its own local database). So for that purpose, we will create a local username and password on router R3. We will name the user R1User and password is password.
R3(config)#username R1User privilege 1 password password
Now On router R3, we need to tell the router R3 to use local database for ppp authentication.
so first:
R3(config)#aaa new-model
Then we created a list called R1-PPP-AUTH, this list is local authentication list for ppp connectivity
R3(config)#aaa authentication ppp R1-PPP-AUTH local
So now let us attach this list authentication to the ppp connection on the serial interface s0/0/
R3(config-if)#ppp authentication pap R1-PPP-AUTH
R3(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1, changed state to down
R3(config-if)#
As you see that once we configured the ppp authentication, the line protocol goes down on s0/0/1

So what we have to do now is to move the router R1 and configure it to send username and password to router R3, so that router R3 will know that the connection is sent from router R1
R1(config-if)#ppp pap sent-username R1User password password
R1(config-if)#
*Jan 14 10:52:36.919: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/0
As you see, once we entered this command on router1, the ppp connection came up.
For PPP CHAP authentication, I will explain it in my ne


you can follow our FTP services and solutions blog on https://ftp-services.blogspot.com
You can also follow our DHCP services and ip services solutions on https://dhcpservices.blogspot.com

I hope this was helpful, and I would like to thank you for reading

Posted by CCIE consultant at 7:48 PM 0 comments

Saturday, February 16, 2013

5 interview questions for a system administrator

I would like to write a series of questions that can be asked in for a sysadmin position.
First, I would like to introduce myself. My name is anthony, and I am from the team of www.find1job.com. If you are looking for an IT job don't hesitate to post an announce and submit your CV with us http://www.find1job.com/postad/employee/postadv.html


Linux Questions:

How to create a symbolic link ?
ln -s

How to reset a password for a CentOS operating system ?

Boot with the CentOS CD,
Then run ls /dev/sda* to get a list of the drives
mount them, then try to see which one is the / drive (it should contains the /etc directory). change to this drive with chroot, then run passwd command

Windows questions:
How to clean the active directory from a domain controller that had a hardware failure ?
First, if it has one of the 5 roles, I have to seize the roles with another domain controller, then I have to use the ntdsutil command line to remove the failed domain controller form the active directory.

How do I use a domain local group and global group ?
Global group should be related to departments or team. For example, i create a global group for accountants, i create a global group from system admin, another global group for database admin.
Domain local group can be used to assign permissions to ressource (Files,Folders and printers..)
So I assign permission to domain local group (maybe 1 for read only and 1 for read and write), then I add the global group that need access to the specific resource inside that domain local group

 Exchange Server 2010
How to clear the transaction log files for a specific database ?
Backup this datbase

If you are looking for a job as system administrator, or a network administrator. If you are searching a job in IT field. We invite you to post an announce in our recruitment website. It is a totally free website . Our website is not only free for employees, but it is also free for employers. http://www.find1job.com/postannounce.html

I hope this was helpful and I would to thank you for reading.


Posted by CCIE consultant at 3:10 PM 0 comments
Subscribe to: Posts (Atom)