How to configure PAP {Password Authentication Protocol} on cisco routers


This article is all about how to configure PAP on cisco routers. In the previous article, we learn about how to create VLANs on cisco switches. Now in this tutorial, we learn about routers and their protocols. PAP is an authentication method that can be used over Point to Point link. Here we read a word Authentication that means you can use authentication to verify a router’s identity when it is connecting into your router options for authentication including CHAP and PAP. There are two authentication methods are present such as CHAP and PAP that can be used over Point to Point links. PAP is a simple and less secure method in comparison to the CHAP. In PAP authentication method password and username are sent in plain text, there is no encryption or protection. If it is accepted then the connection is allowed. PAP authentication method goes through two-way handshake process but it is not considered as a strong authentication protocol. In CHAP authentication method there is three-way handshake process and username and password are sent in encrypted form but still, PAP is a useful method. So let’s start here how to configure PAP on cisco routers.

Now to understand this process perfectly we take a lab in cisco packet tracer. In this lab, we take two routers having serial ports in it and two PCs.

NOTE: – Always remember that PAP configuration only configured on the router which are having serial ports in it. So always choose serial ports for configuring PAP on a router.

how to configure PAP on cisco routers

Now we start here how to configure PAP on cisco routers using this lab. First of all, we assign an IP address to all the interfaces of the router no matter that is a FastEthernet port or Serial port and also assigns an IP address to both the PCs using the static method. After that, we configure PPP encapsulation on the routers to configure PAP on the routers. We also check router interface before configuring PAP on it. By default, HDLC is configured on the router interface. So let’s start here

To assign IP address on the routers use given below commands

For router R1

— System Configuration Dialog —

Continue with configuration dialog? [yes/no]: no

Press RETURN to get started!

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R1

R1(config)#interface FastEthernet0/0

R1(config-if)#ip address 10.0.0.1 255.0.0.0

R1(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

R1(config-if)#exit

R1(config)#interface Serial0/0/0

R1(config-if)#ip address 20.0.0.1 255.0.0.0

R1(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/0/0, changed state to down

R1(config-if)#exit

 

Now to check your routers interface whether it is HDLC or not use given below code on R1

R1>enable

R1#show interface se0/0/0

Serial0/0/0 is down, line protocol is down (disabled)

Hardware is HD64570

Internet address is 20.0.0.1/8

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation HDLC, loopback not set, keepalive set (10 sec)

If here HDLC is displayed on your routers interface then your router is by default work on HDLC.

 

For router R2

— System Configuration Dialog —

Continue with configuration dialog? [yes/no]: no

Press RETURN to get started!

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R2

R2(config)#interface FastEthernet0/0

R2(config-if)#ip address 30.0.0.1 255.0.0.0

R2(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

R2(config-if)#exit

R2(config)#interface Serial0/0/0

R2(config-if)#ip address 20.0.0.2 255.0.0.0

R2(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up

R2(config-if)#exit

 

Now to check your routers interface whether it is HDLC or not use given below code on R2

R2>enable

R2#show interface se0/0/0

Serial0/0/0 is up, line protocol is up (connected)

Hardware is HD64570

Internet address is 20.0.0.2/8

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation HDLC, loopback not set, keepalive set (10 sec)

If here HDLC is displayed on your routers interface then your router is by default work on HDLC.

 

Now we configure PPP encapsulation using given below command and also troubleshoot your configuration by using troubleshooting command and verify your routing

For router R1

R1>enable

R1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#username R2 password rahul

R1(config)#interface serial0/0/0

R1(config-if)#encapsulation ppp

R1(config-if)#

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to down

R1(config-if)#ppp authentication pap

R1(config-if)#ppp pap sent-username R1 password rahul

R1(config-if)#exit

R1(config)#exit

 

Now to check PAP configuration on router R1 use given below command

R1#show interface serial0/0/0

Serial0/0/0 is up, line protocol is down (disabled)

Hardware is HD64570

Internet address is 20.0.0.1/8

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set, keepalive set (10 sec)

If here PPP is displayed instead of HDLC then your configuration take place successfully.

 

For router R2

R2>enable

R2#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

R2(config)#username R1 password rahul

R2(config)#interface serial0/0/0

R2(config-if)#encapsulation ppp

R2(config-if)#ppp authentication pap

R2(config-if)#ppp pap sent-username R2 password rahul

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up

R2(config-if)#exit

R2(config)#exit

 

Now to check PAP configuration on router R2 use given below command

R2#show interface serial0/0/0

Serial0/0/0 is up, line protocol is up (connected)

Hardware is HD64570

Internet address is 20.0.0.2/8

MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation PPP, loopback not set, keepalive set (10 sec)

If here PPP is displayed instead of HDLC then your configuration take place successfully.

 

Now after that, we test the connection using ping command on both the routers after configuration of PAP between two routers.

For router R1

R1(config)#do ping 20.0.0.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.0.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/9/17 ms

 

For router R2

R2(config)#do ping 20.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.0.0.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/15/45 ms

                                               THAT’S IT 

This is the whole process of configuring PAP on cisco routers. By using this process you can be able to configure PAP on any of the routers easily. If you have any queries regarding this solved out through the comment section and also provide feedback to us because your feedback is valuable for us.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s