PPP Protocol is one of WAN Connection type, it is a Point-to-point protocol that was originally developed as an encapsulation method for point-to-point communications between devices using TCP/IP protocol suite. PPP protocol has become a widely accepted WAN encapsulation method primarily because of its support for multiple network-layer protocols such as IP, IPX AppleTalk and more. The following is the key features summary of PPP protocol.
1. PPP protocol Operates across any data communications equipment (DCE) and data terminal equipment (DTE) interface connection
2. PPP protocol can operates in both synchronous (dial-up) or asynchronous mode and ISDN
3. No transmission rate limits
4. Load balancing across multiple links
5. LCPs are exchanged when the link is established to test the link and agree upon
6. PPP protocol support Multiple upper layer protocol such as IP; IPX; AppleTalk
7. PPP protocol support authentication both clear text PAP (Password Authentication Protocol) and encrypted CHAP (Challenge Handshake Authentication Protocol)
8. NCPs encapsulate Network layer protocols and contain a field indicating the upper layer protocols
The following diagram shows how PPP protocol corresponds to OSI model.
PPP specifications end at the Data link layer. The NCP (Network Control Protocol) allows PPP protocol to support multiple upper-layer protocols such as IP; IPX; AppleTalk. This flexibility makes this PPP protocol becomes popular. The NCP acts as an interface between the Data link layer (specified by PPP protocol) and the network. PPP protocol uses NCP to encapsulate Network layer packets. The PPP packet includes a header that indicates the Network layer protocol in use.
The PPP Link Control Protocol (LCP) is a set of services that performs link setup and administration including:
- Link testing and negotiation
- Compression
- Authentication
- Error detection
When the session begins, devices exchange LCP packets to negotiate the services listed here. PPP protocol specifications do not include unique Physical layer standards. But, PPP protocol can run on a variety of synchronous and asynchronous physical standards including:
- Asynchronous serial such as Dial-up
- ISDN
- Synchronous serial
- HSSI (High Speed Serial Interface)
PPP protocols establish communication in three phases:
- Open the link and establish the session by exchanging the LCPs
- Establishing optional authentication through PPP or CHAP, CHAP is recommended.
- Agree on upper layer protocols (IP; IPX; AppleTalk; etc)
Configuring PPP protocol
The default point-to-point protocol for Cisco router is HDLC (High-level Data Link Control) which is commonly use in leased line (T1; E1 etc), but HDLC does not support the Authentication. HDLC is Cisco’s proprietary that can not work with other routers.
How to enable PPP protocol? Here is a simple PPP protocol implementation:
Router# configure terminal
Router (config)# interface serial 0
Router (config-if) # encapsulation ppp
Router (config-if) # exit
The PPP protocol is initialized and enable at the serial 0 interface. The next step is to set the authentication type to use:
Router (config) # int s0
Router (config-if) # ppp authentication pap
Or you can use the CHAP authentication method.
Router (config-if) # ppp authentication chap
Router (config-if) # ^Z
Router # show int s0
CHAP is recommended for the PPP protocol authentication method, it provides a two way encrypted authentication that is more secure than PAP. When the lines come up, the access server at either ends issue a challenge message. Once the challenge has been issued, the remote end will respond with a one-way hash function using Message Digest 5 (MD5) which takes the local user name and password. The beauty of this is that it prevents the password from being passed across the network. Both end routers should have the same configuration in regards to this PPP protocol including the authentication method used.
Router (config) # username router password cisco
Router (config) # interface serial 0
Router (config-if) # encapsulation ppp
Router (config-if) # ppp chap hostname router
Router (config-if) # ppp authentication chap
In PPP protocol, if CHAP authentication is used, the following diagram should be followed in configuring the username and password at both ends of the routers.
PPP Protocol - Chap authentication
- Configure both routers with a username and password
- The username identifies the hostname of the remote router
- The password configured on both routers must match
When PAP authentication is used, the password will be sent and used for authentication. But when CHAP is used, the password identifies the shared secret that is not sent during the authentication.
See also:
Recent Comments