chap
Syntax
chap {
access-profile name;
challenge-length minimum minimum-length maximum maximum-length;
default-chap-secret name;
local-name name;
passive;
}
Hierarchy Level
[edit interfaces interface-name ppp-options], [edit interfaces interface-name unit logical-unit-number ppp-options], [edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number ppp-options]
Description
Allow each side of a link to challenge its peer, using a “secret” known only to the authenticator and that peer. The secret is not sent over the link.
By default, PPP CHAP is disabled. If CHAP is not explicitly enabled, the interface makes no CHAP challenges and denies all incoming CHAP challenges.
For ATM2 IQ interfaces only, you can configure CHAP on the logical interface unit if the logical interface is configured with one of the following PPP over ATM encapsulation types:
atm-ppp-llc—PPP over AAL5 LLC encapsulation.atm-ppp-vc-mux—PPP over AAL5 multiplex encapsulation.
On inline service (si) interfaces for L2TP, only
the chap statement itself is typically used for subscriber
management. We recommend that you leave the subordinate statements
at their default values.
The remaining statements are explained separately. Search for a statement in CLI Explorer or click a linked statement in the Syntax section for details.
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.