«

I have a working 3640 that I am trying to connect to from an ISDN W2K PC

PAP works fine but, I am unable to get it to Authenticate with CHAP or even
MS-CHAP

I would appreciate any pointers.

Thanks
Groper

Should work fine as long as the call direction is
PC -> 3640 not 3640 -> PC (Windows RAS does not
support standard CHAP.)

What's the configuration? What do your debugs say?

debug isdn q931
debug ppp negotiation
debug ppp authentication
debug aaa authentication
debug radius ! if using RADIUS
debug tacacs ! if using TACACS

---

~ I have a working 3640 that I am trying to connect to from an ISDN W2K PC
~
~ PAP works fine but, I am unable to get it to Authenticate with CHAP or even
~ MS-CHAP
~
~ I would appreciate any pointers.
~
~ Thanks
~ Groper
~

Thanks for your responce, I have turned on Debugging and get the following.
Unfortunatly it does not make much sense to me.


001971: Nov 14 10:35:22: ISDN Se2/0:15: RX <- SETUP pd = 8 callref = 0x0001
001972: Nov 14 10:35:22: Sending Complete
001973: Nov 14 10:35:22: Bearer Capability i = 0x8890
001974: Nov 14 10:35:22: Channel ID i = 0xA98381
001975: Nov 14 10:35:22.971 gmt: %LINK-3-UPDOWN: Interface Serial2/0:0,
changed
state to up
001976: Nov 14 10:35:24: Se2/0:0 LCP: I CONFREQ[Listen] id 1 len 46
001977: Nov 14 10:35:24: Se2/0:0 LCP: MagicNumber 0x06F330B1
(0x050606F330B1)
001978: Nov 14 10:35:24: Se2/0:0 LCP: PFC (0x0702)
001979: Nov 14 10:35:24: Se2/0:0 LCP: ACFC (0x0802)
001980: Nov 14 10:35:24: Se2/0:0 LCP: Callback 6 (0x0D0306)
001981: Nov 14 10:35:24: Se2/0:0 LCP: MRRU 1500 (0x110405DC)
001982: Nov 14 10:35:24: Se2/0:0 LCP: MultilinkShortSeq (0x1202)
001983: Nov 14 10:35:24: Se2/0:0 LCP: EndpointDisc 4 Magic
001984: Nov 14 10:35:24: Se2/0:0 LCP:
(0x131704A9FA9FA14292522F5F3DE7DCB9)
001985: Nov 14 10:35:24: Se2/0:0 LCP: (0xB636669A034034)
001986: Nov 14 10:35:24.399 gmt: %LINK-3-UPDOWN: Interface Serial2/0:0,
changed
state to down



"Aaron Leonard" <> wrote in message
news:...
> Should work fine as long as the call direction is
> PC -> 3640 not 3640 -> PC (Windows RAS does not
> support standard CHAP.)
>
> What's the configuration? What do your debugs say?
>
> debug isdn q931
> debug ppp negotiation
> debug ppp authentication
> debug aaa authentication
> debug radius ! if using RADIUS
> debug tacacs ! if using TACACS
>
> ---
>
> ~ I have a working 3640 that I am trying to connect to from an ISDN W2K PC
> ~
> ~ PAP works fine but, I am unable to get it to Authenticate with CHAP or
even
> ~ MS-CHAP
> ~
> ~ I would appreciate any pointers.
> ~
> ~ Thanks
> ~ Groper
> ~
>

"Groper" <michael.groves@valuelink_nospam_.co.uk> wrote in message
news:3fb3bcbc$0$22603$. net...
> I have a working 3640 that I am trying to connect to from an ISDN W2K PC
>
> PAP works fine but, I am unable to get it to Authenticate with CHAP or
even
> MS-CHAP

What kind of a terminal adapter? If external and serially attached, The
sync to async conversion usually precludes the use of CHAP, unless the
Terminal Adapter supports it.

Sorry to sound dumb, but I don't understand your reply!


"Phillip Remaker" <> wrote in message
news:1068856573.771727@sj-nntpcache-3...
>
> "Groper" <michael.groves@valuelink_nospam_.co.uk> wrote in message
> news:3fb3bcbc$0$22603$. net...
> > I have a working 3640 that I am trying to connect to from an ISDN W2K PC
> >
> > PAP works fine but, I am unable to get it to Authenticate with CHAP or
> even
> > MS-CHAP
>
> What kind of a terminal adapter? If external and serially attached, The
> sync to async conversion usually precludes the use of CHAP, unless the
> Terminal Adapter supports it.
>
>

The deal here is that (logically) you have this:

[router]------------------------[TA]---[[COM] PC]
\______________________/ ^
^ |
two B channels async RS232
(sync PPP)

so from the standpoint of Windows DUN, it's just
talking async PPP on one link. But between the
TA and the router, there is in fact a multilink
PPP bundle of two synchronous links.

So your TA has to do the conversion between async
PPP and sync PPP - also, it has to manage the
bundle of two links and make them look like one link
to the PC.

Now, when the PC wants to bring up the link, it will
send ONE PAP username/password. The TA has to be PAP-aware -
it needs to grab this PAP password, use it to bring up the
first link, then replay it for the second link.

So it sounds like your TA is PAP- but not CHAP- (MS-CHAP)-
aware - if the PC is trying to authenticate using CHAP
rater than PAP, it doesn't know how to grab the CHAP
secret and replay it.

If you're still not following, then don't worry - just
stick to PAP.

Aaron

---

~ Sorry to sound dumb, but I don't understand your reply!
~
~
~ "Phillip Remaker" <> wrote in message
~ news:1068856573.771727@sj-nntpcache-3...
~ >
~ > "Groper" <michael.groves@valuelink_nospam_.co.uk> wrote in message
~ > news:3fb3bcbc$0$22603$. net...
~ > > I have a working 3640 that I am trying to connect to from an ISDN W2K PC
~ > >
~ > > PAP works fine but, I am unable to get it to Authenticate with CHAP or
~ > even
~ > > MS-CHAP
~ >
~ > What kind of a terminal adapter? If external and serially attached, The
~ > sync to async conversion usually precludes the use of CHAP, unless the
~ > Terminal Adapter supports it.
~ >
~ >
~

Cheers mate, perfect explanation.

My TA was setup for PAP only. I changed it to CHAP, and now it works fine.

Yippee.......................

Thanks again, that was really starting to bug me.
Groper




"Aaron Leonard" <> wrote in message
news:...
> The deal here is that (logically) you have this:
>
> [router]------------------------[TA]---[[COM] PC]
> \______________________/ ^
> ^ |
> two B channels async RS232
> (sync PPP)
>
> so from the standpoint of Windows DUN, it's just
> talking async PPP on one link. But between the
> TA and the router, there is in fact a multilink
> PPP bundle of two synchronous links.
>
> So your TA has to do the conversion between async
> PPP and sync PPP - also, it has to manage the
> bundle of two links and make them look like one link
> to the PC.
>
> Now, when the PC wants to bring up the link, it will
> send ONE PAP username/password. The TA has to be PAP-aware -
> it needs to grab this PAP password, use it to bring up the
> first link, then replay it for the second link.
>
> So it sounds like your TA is PAP- but not CHAP- (MS-CHAP)-
> aware - if the PC is trying to authenticate using CHAP
> rater than PAP, it doesn't know how to grab the CHAP
> secret and replay it.
>
> If you're still not following, then don't worry - just
> stick to PAP.
>
> Aaron
>
> ---
>
> ~ Sorry to sound dumb, but I don't understand your reply!
> ~
> ~
> ~ "Phillip Remaker" <> wrote in message
> ~ news:1068856573.771727@sj-nntpcache-3...
> ~ >
> ~ > "Groper" <michael.groves@valuelink_nospam_.co.uk> wrote in message
> ~ > news:3fb3bcbc$0$22603$. net...
> ~ > > I have a working 3640 that I am trying to connect to from an ISDN
W2K PC
> ~ > >
> ~ > > PAP works fine but, I am unable to get it to Authenticate with CHAP
or
> ~ > even
> ~ > > MS-CHAP
> ~ >
> ~ > What kind of a terminal adapter? If external and serially attached,
The
> ~ > sync to async conversion usually precludes the use of CHAP, unless the
> ~ > Terminal Adapter supports it.
> ~ >
> ~ >
> ~
>