Home > Point to Point Protocol (PPP) Tutorial

Point to Point Protocol (PPP) Tutorial

March 11th, 2016 Go to comments

Point-to-Point Protocol (PPP) is an open standard protocol that is mostly used to provide connections over point-to-point serial links. The main purpose of PPP is to transport Layer 3 packets over a Data Link layer point-to-point link. PPP can be configured on:
+ Asynchronous serial connection like Plain old telephone service (POTS) dial-up
+ Synchronous serial connection like Integrated Services for Digital Network (ISDN) or point-to-point leased lines.

PPP consists of two sub-protocols:
+ Link Control Protocol (LCP): set up and negotiate control options on the Data Link Layer (OSI Layer 2). After finishing setting up the link, it uses NCP.
+ Network control Protocol (NCP): negotiate optional configuration parameters and facilitate for the Network Layer (OSI Layer 3). In other words, it makes sure IP and other protocols can operate correctly on PPP link

PPP_NCP_LCP.jpg

Establish a PPP session

Before a PPP connection is established, the link must go through three phases of session establishment:

1. Link establishment phase: In this phase, each PPP device sends LCP packets to configure and test the data link
2. Authentication phase (optional): If authentication is enabled, either PAP or CHAP will be used. PAP and CHAP are two authentication protocols used in PPP
3. Network layer protocol phase: PPP sends NCP packets to choose and configure Network Layer protocol (OSI Layer 3) to be encapsulated and sent over the PPP data link

PPP_Phases.jpg

Note: The default serial encapsulation on Cisco routers is HDLC so if you want to use PPP you have to configure it. Unlike HDLC which is a Cisco proprietary protocol, PPP is an open standard protocol so you should use it to connect a Cisco router to a non-Cisco router

PPP Authentication Methods

In this part we will learn more about two authentication methods used in Authentication Phase of PPP.

PPP has two built-in security mechanisms which are Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP).

Password Authentication Protocol (PAP) is a very simple authentication protocol. The client who wants to access a server sends its username and password in clear text. The server checks the validity of the username and password and either accepts or denies connection. This is called two-way handshake. In PAP two-way handshake process, the username and password are sent in the first message.

PAP_Authentication.jpgPAP two-way handshake

For those systems that require greater security, PAP is not enough as a third party with access to the link can easily pick up the password and access the system resources. In this case CHAP can save our life!

Challenge Handshake Authentication Protocol (CHAP) is an PPP authentication protocol which is far more secure than PAP. Let’s see how CHAP three-way handshake works:

CHAP_Authentication_stage_1.jpg

With CHAP, the protocol begins with a random text (called a challenge) sent from the Server, which asks the Client to authenticate.

CHAP_Authentication_stage_2.jpg

After receiving the challenge, the Client uses its password to perform a one-way hash algorithm (MD5) to encrypt the random text received from the server. The result is then sent back to the Server. Therefore even if someone can capture the messages between client and server, he cannot know what the password is.

CHAP_Authentication_stage_3.jpg

At the Server side, the same algorithm is used to generate its own result. If the two results match, the passwords must match too.

The main difference between PAP and CHAP is PAP sends username and password in clear text to the server while CHAP does not. Notice that in CHAP authentication process, the password itself is never sent across the link.

Another difference between these two authentication protocols is PAP performs authentication at the initial link establishment only while CHAP performs authentication at the initial link establishment and periodically after that. The challenge text is random and unique so the “result” is also unique from time to time. This prevents playback attack (in which a hacker tries to copy the “result” text sent from Client to reuse).

In the next part we will learn how to configure PAP and CHAP for PPP.

Comments (50) Comments
Comment pages
1 2 3 2751
  1. serafo
    March 11th, 2016

    Thanks 9tut.

  2. Anil royal
    March 11th, 2016

    nice work
    tell me one thing still ur july 7 dumps are valid ?

  3. Anonymous
    March 12th, 2016

    thanks 9tut

  4. Viktor
    March 13th, 2016

    Big thanks! God bless you!

  5. waleed
    March 14th, 2016

    Thank you 9tut

  6. imran awan
    March 16th, 2016

    Hi,Can some one email me the latest dumps for ccna R&S at {email not allowed}
    i will be very thankful.

  7. Anonymous
    March 20th, 2016

    Can someone sent me a copy of the latest VCE 2.2.1?

  8. Ray
    March 25th, 2016

    wow….this is very easy to understand…the examples also are good.Thanks and god bless

  9. Anonymous
    March 27th, 2016

    thanks 9tut!God bless you!

  10. Usman
    March 28th, 2016

    Kindly send me latest CCNA dupms in vce file

  11. Niki
    March 28th, 2016

    nice one

  12. shahida
    March 29th, 2016

    latest dumps please

  13. Anonymous
    April 2nd, 2016

    Kindly send latest ccna dumps to {email not allowed}

  14. Anonymous
    April 4th, 2016

    please help me I cant find ccna implementation sim questions .

  15. 9tut
    April 4th, 2016

    @Anonymous: That sim is old and does not appear in the exam any more so we removed it.

  16. jobs
    April 4th, 2016

    hi. is the ccna v25.2 the update exam resource?please advise if there is a more updated one. planning to take ccna his month

  17. Soon2Bcertified
    April 7th, 2016

    What does paying to join 9tut do? What other materials will I have access to?

  18. Anonymous
    April 8th, 2016

    Thanks!

  19. Jyoti
    April 8th, 2016

    hello 9tut, are the dumps valid? i am giving the 200-120 exam next week.
    also are the simulations up to date. please let me know

  20. Anonymous
    April 8th, 2016

    Please I need help with the cracked vce simulator.. kindly forward here – {email not allowed}

  21. theri
    April 12th, 2016

    latest dumps???

  22. Anonymous
    April 12th, 2016

    I need CCNP latest dumps. If you have please kindly send me on my email.
    {email not allowed}

  23. Seyiwealth
    April 13th, 2016

    Hi everyone,

    Please can someone email me the latest ccna 200-120 dumps. am writing my exams soonest. {email not allowed}

  24. Anonymous
    April 13th, 2016

    Can someone mail me the latest ccna r&s dumps
    email id: {email not allowed}

  25. Geeta
    April 16th, 2016

    Hello! Can someone mail me the latest ccna r&s dumps!
    My email Id is kulkarnigeetaa at gmail dot com

  26. Igmotta
    April 19th, 2016

    Hello!
    Can someone mail me the latest ccna dumps r&s.
    My emaul id is group.alm at gmail dot com or igor at suportesigma dot com.
    Tank you,

  27. Anonymous
    April 24th, 2016

    Where do I find the latest dump April 2016?

  28. Anonymous
    April 27th, 2016

    thanks

  29. ziya
    May 2nd, 2016

    Please can anyone send me CCNA R&S latest dumps to my gmail zziyaa1 @ gmail . com

    Thanks

  30. Ailton Santos
    May 2nd, 2016

    Please can anyone send me CCNA R&S latest dumps to my ailton.santosbr @ gmail . com

  31. kajana
    May 2nd, 2016

    Please Someone send CCNA R&S latest dumps to my email giokajana @ gmail . com

  32. john
    May 3rd, 2016

    Can someone please send the latest dumps to johnsmith12usa @ gmail . com

  33. Naveen
    May 3rd, 2016

    Please can anyone send me CCNA R&S latest dumps to my gmail id {email not allowed}

  34. Tushar
    May 4th, 2016

    Appearing for Exam tomm
    please guide

    Thanks

  35. Anonymous
    May 4th, 2016

    its really nice and understandable

  36. Fancy
    May 9th, 2016

    Thank you for your explanation. I hope I will get more knowledge

  37. jerry
    May 9th, 2016

    Please can anyone send me CCNA R&S latest dumps to my {email not allowed}

  38. VALID DUMPS
    May 9th, 2016

    VALID get at below link

    ccna-dumps200-120.blogs p o t . c o m

  39. Eleandro
    May 14th, 2016

    nice work.

  40. donlico
    May 26th, 2016

    I am try to configure CHAP in Client Router with Packet Tracer but I can’t because the router says:
    Client1(config-if)#ppp chap hostname CLIENT1
    ^
    % Invalid input detected at ‘^’ marker.

    Client1(config-if)#ppp ?
    authentication Set PPP link authentication method
    pap Set PAP authentication parameters

    I want to know is the type of the router that I have choice for this configuration or the packet trace not support CHAP configuration?

  41. vel
    June 6th, 2016

    thank u 9tut

  42. olusam
    June 7th, 2016

    Thank you 9tut. eye opener

  43. abiola
    June 17th, 2016

    pls can anyone send me the latest dumb for CCNA cos i will be writing my exam next week………….here is my email:{email not allowed}

  44. Nikhil
    June 18th, 2016

    I have my exam on Monday 20/6/2016, I have actual test dumps, can i rely for sims here?

  45. Anonymous
    July 2nd, 2016

    I want to actual dumps for ccna exm.

  46. ruk
    July 4th, 2016

    please send me any one 200-120 latest dump
    {email not allowed}

  47. ruk
    July 4th, 2016

    please send me any one 200-120 latest dump
    keshanalaknuwan @ gmail.com

  48. Zdeslav
    July 9th, 2016

    please send me any one 200-120 latest dump. Thanks!!!
    zdeslavkossi @ gmail.com

  49. Amin
    July 14th, 2016

    Hi sophia,

    My email id is {email not allowed}, if you have latest dumps, please send me. I will be very thankful.

  50. Amin
    July 14th, 2016

    Hi sophia,
    My email id is aminbangash110 @ gmail.com, if you have latest dumps, please send me. I will be very thankful.

Comment pages
1 2 3 2751
Add a Comment