[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring CHAP on DSL Interfaces (Optional)

For interfaces with PPPoA encapsulation, you can optionally configure interfaces to support the PPP Challenge Handshake Authentication Protocol (CHAP). When you enable CHAP on an interface, the interface can authenticate its peer and be authenticated by its peer.

If you set the passive option to handle incoming CHAP packets only, the interface does not challenge its peer. However, if the interface is challenged, it responds to the challenge. If you do not set the passive option, the interface always challenges its peer.

For more information about CHAP, see the JUNOS Network Interfaces Configuration Guide.

To configure CHAP on the ATM-over-ADSL or ATM-over-SHDSL interface:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 47.
  3. If you are finished configuring the router, commit the configuration.
  4. To check the configuration, see Verifying DSL Interface Configuration.

Table 47: Configuring CHAP

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Access level in the configuration hierarchy.
  1. In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
  2. Next to Access, click Configure or Edit.

From the [edit] hierarchy level, enter

edit access

Define a CHAP access profile—for example, A-ppp-client—with a client named client 1 and the secret (password) my-secret.
  1. Next to Profile, click Add new entry.
  2. In the Profile name box, type A-ppp-client.
  3. Next to Client, click Add new entry.
  4. In the Name box, type client1.
  5. In the Chap secret box, type my-secret.
  6. Click OK until you return to the main Configuration page.

Enter

set profile A-ppp-client client client1 chap-secret my-secret.

Navigate to the appropriate ATM interface level in the configuration hierarchy—for example, at-3/0/0 unit 0.
  1. On the main Configuration page next to Interfaces, click Configure or Edit.
  2. In the Interface name box, click at-3/0/0.
  3. In the Interface unit number box, click 0.

From the [edit] hierarchy level, enter

edit interfaces at-3/0/0 unit 0

Configure CHAP on the ATM-over-ADSL or ATM-over-SHDSL interface and specify a unique profile name containing a client list and access parameters—for example, A-ppp-client.
  1. Next to Ppp options, click Configure.
  2. Next to Chap, click Configure.
  3. In the Access profile box, type A-ppp-client.

Enter

set ppp-options chap access-profile A-ppp-client

Specify a unique hostname to be used in CHAP challenge and response packets—for example, A-at-3/0/0.0.

In the Local name box, type, A-at-3/0/0.0

Enter

set ppp-options chap local-name A-at-3/0/0.0.

Set the passive option to handle incoming CHAP packets only.
  1. In the Passive box, click Yes.
  2. Click OK.

Enter

set ppp-options chap passive

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

[an error occurred while processing this directive]