Which protocol is used to provide authentication across a point-to-point link using PPP?
Definition

The Point-to-Point Protocol (PPP) is a link-layer protocol used to transmit point-to-point (P2P) data over full-duplex synchronous and asynchronous links.

PPP negotiation involves the following items:
PPP uses the Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) to secure network communication. If carriers have high bandwidth requirements, bundle multiple PPP links into an MP link to increase link bandwidth and improve link reliability.

Purpose

PPP, which works at the second layer (data link layer) of the Open Systems Interconnection (OSI) model, is mainly used to transmit data on links that support full-duplex communication. PPP is widely used because it provides user authentication, supports synchronous and asynchronous communication, and is easy to extend. PPP was developed based on the Serial Line Internet Protocol (SLIP) and overcomes the shortcomings of SLIP, which transmits only IP packets and does not support negotiation.

Compared with other link-layer protocols, PPP has the following advantages:
Note: The Point-to-Point Protocol is not a topic in CCNA 200-301, so if you are preparing for this exam you can ignore this tutorial.

Point-to-Point Protocol (PPP) is an open standard protocol that is mostly used to provide connections over point-to-point serial links. The main purpose of PPP is to transport Layer 3 packets over a Data Link layer point-to-point link.

PPP can be configured on:

PPP consists of two sub-protocols:

Establish a PPP session

Before a PPP connection is established, the link must go through three phases of session establishment:

1. Link establishment phase: In this phase, each PPP device sends LCP packets to configure and test the data link.

Note: The default serial encapsulation on Cisco routers is HDLC, so if you want to use PPP you have to configure it. Unlike HDLC, which is a Cisco proprietary protocol, PPP is an open standard protocol, so you should use it to connect a Cisco router to a non-Cisco router.

PPP Authentication Methods

In this part we will learn more about the two authentication methods used in the Authentication Phase of PPP. PPP has two built-in security mechanisms: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).

Password Authentication Protocol (PAP) is a very simple authentication protocol. The client that wants to access a server sends its username and password in clear text. The server checks the validity of the username and password and either accepts or denies the connection. This is called a two-way handshake. In the PAP two-way handshake process, the username and password are sent in the first message.

For systems that require greater security, PAP is not enough, as a third party with access to the link can easily pick up the password and access the system resources. In this case CHAP can save our life!

Challenge Handshake Authentication Protocol (CHAP) is a PPP authentication protocol which is far more secure than PAP. Let's see how the CHAP three-way handshake works:

With CHAP, the protocol begins (after the LCP phase is complete) with a random text (called a challenge) sent from the Server, which asks the Client to authenticate. After receiving the challenge, the Client uses its password with a one-way hash algorithm (MD5) to hash the random text received from the Server. The result is then sent back to the Server. Therefore, even if someone can capture the messages between client and server, he cannot know what the password is. At the Server side, the same algorithm is used to generate its own result. If the two results match, the passwords must match too.
The main difference between PAP and CHAP is that PAP sends the username and password in clear text to the server while CHAP does not. Notice that in the CHAP authentication process, the password itself is never sent across the link.

Another difference between these two authentication protocols is that PAP performs authentication at the initial link establishment only, while CHAP performs authentication at the initial link establishment and periodically after that. The challenge text is random and unique, so the "result" is also unique from time to time. This prevents a playback attack (in which a hacker tries to copy the "result" text sent from the Client to reuse it).

CHAP Summary:

In the next part we will learn how to configure PAP and CHAP for PPP.

Which of the following can be used by PPP for authentication?

The calling machine on a PPP link is considered the authenticatee because the caller must prove its identity to the remote peer. The peer is considered the authenticator.
Which protocol is used by PPP to provide authentication and protection from playback attacks (select one)?

PAP (Password Authentication Protocol)
PPP defines an extensible LCP that allows negotiation of an authentication protocol for authenticating its peer before allowing Network layer protocols to transmit over the link. RFC 1334 defines two protocols for authentication. PAP is a very basic two-way process.
Which of the following sub-protocols are used by PPP?

PPP negotiation consists of three phases: LCP, Authentication, and NCP. PPP uses LCP to set up, configure, and test a data link connection. PPP uses NCP to establish and configure different network layer protocols.
What are the key features of the Point

PPP has the following three main components: a way to encapsulate multiprotocol datagrams; a Link Control Protocol to establish, configure and test the data link connection; and a group of separate network control protocols that establish and configure different types of network layer protocols.