Auth

Auth

Usage Guidelines

Authentication Syntax

Options

Examples

Related Commands

Auth

This section of the configuration defines the PPP remote authentication database. If the router has been configured to request PAP or CHAP, using the keywords PAPRequest or CHAPRequest in the PPP section, the database is used to validate authentication responses from the remote peer or user.

edit config Auth

Usage Guidelines

Each line is one entry defining a remote authentication entry. Multi-line entries must have line breaks escaped with a backslash. However, line breaks encapsulated in a double-quoted string are preserved.

The database is global to the router. When the router makes an authentication request and receives a response, the router searches this database for a matching name. If the name is found, the password is validated and the success or failure is sent back to the peer. If the name is not found, the router will try to authenticate the name using RADIUS if RADIUS has been enabled (see the Radius section). If RADIUS is not enabled, the router returns a failure to the peer (or remote user). The authentication database will always supercede the RADIUS database.

An optional WAN interface can be specified to define the WAN interfaces on which a database entry is valid.

Authentication Syntax

After entering the edit config command, and then the append command, enter one or more authentication lines using the following syntax:

"Incoming_Name" "Password" [WAN slot:port [WAN slot:port] [...] | all | none]

Options

"Incoming_Name"

The Incoming_Name is the remote peer or user's CHAP or PAP name. It can be 1-255 bytes long and may be quoted strings in order to preserve spaces or embedded line breaks.

"Password"

The Password is the remote peer or user's CHAP secret or PAP password. It can be 1-255 bytes long and may be quoted strings in order to preserve spaces or embedded line breaks.

WAN slot:port [WAN slot:port] [...] | all | none

Specify the WAN port or ports to define the WAN interfaces on which a database entry is considered valid. It may be all, none or a list of portnames, (e.g., WAN 0:0 WAN 2:0 WAN 3:0). If all or none appear in a list of portnames, the first one encountered supercedes all other entries.

"Incoming_Name"	The Incoming_Name is the remote peer or user's CHAP or PAP name. It can be 1-255 bytes long and may be quoted strings in order to preserve spaces or embedded line breaks.
"Password"	The Password is the remote peer or user's CHAP secret or PAP password. It can be 1-255 bytes long and may be quoted strings in order to preserve spaces or embedded line breaks.
WAN slot:port [WAN slot:port] [...] \| all \| none	Specify the WAN port or ports to define the WAN interfaces on which a database entry is considered valid. It may be all, none or a list of portnames, (e.g., WAN 0:0 WAN 2:0 WAN 3:0). If all or none appear in a list of portnames, the first one encountered supercedes all other entries.

Examples

To specify a database entry for remote peer "Barney" with secret/password "Rubble":

[ Auth ]
Barney Rubble

Related Commands

Command Description

configure Link Config

Configures the interface parameters for a WAN port

configure PPP

Configures PPP parameters for an interface

configure Radius

Configures the concentrator for communication with a RADIUS server for user authentication

show ppp

Shows PPP information

Command	Description
configure Link Config	Configures the interface parameters for a WAN port
configure PPP	Configures PPP parameters for an interface
configure Radius	Configures the concentrator for communication with a RADIUS server for user authentication
show ppp	Shows PPP information

Table of Contents

Auth

Usage Guidelines

Authentication Syntax

Options

Examples

Related Commands