March 23rd, 2017 in ICND2 200-105

Point-to-Point Protocol (PPP) can use either Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) for authentication. CHAP is used upon initial link establishment and periodically afterwards to make sure that the router is still communicating with the same host. CHAP passwords are exchanged as message digest algorithm 5 (MD5) hash values.

The three-way handshake steps are as follows:

Challenge: The authenticator generates a frame called a Challenge and sends it to the initiator. This frame contains a simple text message (sometimes called the challenge text). The message has no inherent special meaning so it doesn’t matter if anyone intercepts it. The important thing is that after receipt of the Challenge both devices have the same challenge message.

Response: The initiator uses its password (or some other shared “secret” that the authenticator also knows) to encrypt the challenge text. It then sends the encrypted challenge text as a Response back to the authenticator.

Success or Failure: The authenticator performs the same encryption on the challenge text that the initiator did. If the authenticator gets the same result that the initiator sent it in the Response, the authenticator knows that the initiator had the right password when it did its encryption, so the authenticator sends back a Success message. Otherwise, it sends a Failure message.

(Reference: CCNA Quick Reference Sheets)
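The three steps above as a runnable sketch, added here as an illustration and not taken from the reference sheet or from Cisco code. Per RFC 1994, the step described above as encrypting the challenge is a one-way MD5 hash over the packet identifier, the shared secret and the challenge value. The class and function names, the hostname `R2` and the secret are constructed for the example.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Authenticator:
    """Hypothetical authenticator side; holds one shared secret per peer name."""

    def __init__(self, secrets: dict):
        self.secrets = secrets   # peer name -> shared secret (never sent on the link)
        self.next_id = 0
        self.pending = {}        # identifier -> outstanding challenge value

    def challenge(self):
        """Step 1: issue a fresh random challenge under a new identifier."""
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        self.pending[ident] = os.urandom(16)
        return ident, self.pending[ident]

    def verify(self, ident: int, name: str, response: bytes) -> bool:
        """Step 3: recompute the hash locally; True means Success, False means Failure."""
        value = self.pending.pop(ident, None)   # each challenge is accepted only once
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        return hmac.compare_digest(chap_response(ident, secret, value), response)


def demo():
    secret = b"constructed-shared-secret"        # constructed sample value
    auth = Authenticator({"R2": secret})

    ident, chal = auth.challenge()               # Challenge
    resp = chap_response(ident, secret, chal)    # Response (computed by the initiator)
    first = auth.verify(ident, "R2", resp)       # Success

    # Periodic re-challenge: an old response does not match the new challenge.
    ident2, _ = auth.challenge()
    stale = auth.verify(ident2, "R2", resp)

    # A peer configured with the wrong password gets Failure.
    ident3, chal3 = auth.challenge()
    wrong = auth.verify(ident3, "R2", chap_response(ident3, b"wrong", chal3))
    return first, stale, wrong


if __name__ == "__main__":
    print(demo())
```

Because every challenge is random and single-use, a Response captured on the link cannot be reused at the next periodic check, which is why interception of the Challenge itself does not matter.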

From the output, we see the line “Serial0/1 is up, line protocol is up”. That means the link is good and the interface is functioning normally. Also, the encapsulation used on this interface is HDLC, so the other end must use the same encapsulation. Otherwise the line protocol will go down.

The “ppp authentication chap pap” command indicates that CHAP authentication is used first. If it fails or is rejected by the other side, PAP is used instead. If you want to use PAP first (then CHAP), you can use the “ppp authentication pap chap” command.

PPP supports both synchronous (like analog phone lines) and asynchronous circuits (such as ISDN or digital links). With synchronous circuits we need to use clock rate.

Note: Serial links can be synchronous or asynchronous. Asynchronous connections used to be only available on low-speed (<2MB) serial interfaces, but now, there are the new HWICs (High-Speed WAN Interface Cards) which also support asynchronous mode. To learn more about them please visit http://www.cisco.com/en/US/prod/collateral/modules/ps5949/ps6182/prod_qas0900aecd80274424.html.

Link Control Protocol (LCP) is a subprotocol within the Point-to-Point Protocol suite that is responsible for link management. During establishment of a PPP communication session, LCP establishes the link, configures PPP options, and tests the quality of the line connection between the PPP client and PPP server. LCP automatically handles encapsulation format options and varies packet sizes over PPP communication links.

LCP also negotiates the type of authentication protocol used to establish the PPP session. Different authentication protocols are supported for satisfying the security needs of different environments.

The other subprotocol within PPP is the Network Control Protocol (NCP), which allows multiple Network layer protocols (routed protocols) to be used on a point-to-point connection.

Layer 2 includes the popular WAN standards, such as the Point-to-Point Protocol (PPP), High-Level Data-Link Control (HDLC) and Frame Relay protocols.

  1. Sunrise
    April 8th, 2017

    On question 8, PPP is an encryption method. Is it also a WAN connectivity method?
    Ethernet is used for both LAN and WAN nowadays. Or am I mistaken?