XPort AR User Guide 119
6: Point-to-Point Protocol (PPP)
Point-to-Point Protocol (PPP) establishes a direct connection between two nodes. It
defines a method for data link connectivity between devices using physical layers
(such as serial lines). Some of the PPP features include: error detection,
compression, and authentication. For each of these capabilities, PPP has a separate
protocol.
The XPort AR supports two types of PPP authorization: Password Authentication
Protocol (PAP) and Challenge Handshake Protocol (CHAP). Both of these
authentication methods require the configuration of a username and password. It
also supports no authentication scheme when no authentication is required during
link negotiation.
PAP is an authentication protocol in PPP. It offers a straightforward method for the
peer to determine its identity. Upon the link establishment, the user ID and password
are repeatedly sent to the authenticator until it is acknowledged or the connection is
terminated.
Note: PAP is not a strong authentication process. There is no protection against
trial-and-error attacks. As well, the peer is responsible for the frequency of the
communication attempts.
CHAP is a more secure method than PAP. It works by sending a challenge message
to the connection requestor. Using a one-way hash function, the requestor responds
with its value. If the value matches the server’s own calculations, authentication is
provided. Otherwise, the connection is terminated.
Note: RFC1334 defines both CHAP and PAP.
Use the XPort AR’s Web Manager or CLI to configure a network link using PPP over
a serial line. Turn off Connect Mode, Accept Mode, and Command mode before
enabling PPP.
The XPort AR acts as the server side of the PPP link; it can require authentication
and assign an IP address to the peer. Upon PPP configuration, IP packets are
routed between Ethernet and PPP interfaces.