RuggedCom RS400 用户手册
PPP over Modem
RS400
223
ROS™ v3.5
On the dial-in client:
• The telephone number to dial in order to reach the RuggedCom device
• The authentication protocol (PAP or CHAP) to use and a username and password that will
be accepted by the device. The server name, if the client requires it during CHAP
authentication
authentication
• The client must be configured to accept an IP address from the device
• The router must be configured to treat the PPP link as its default route (or a specific static
route to the server’s IP network must be installed).
11.1.3 Assigning IP Addresses For PPP
The PPP connection is a routed connection, and IP addresses must be assigned. Ensure that
the addresses used are unique in the network. They should not conflict with the network
numbers of the management interface or of any remote networks installed as static routes. The
default IP link addresses are 192.168.1.1 (server) and 192.168.1.2 (client).
the addresses used are unique in the network. They should not conflict with the network
numbers of the management interface or of any remote networks installed as static routes. The
default IP link addresses are 192.168.1.1 (server) and 192.168.1.2 (client).
If you have a number of RuggedCom devices to connect, the minimum subnet mask of
255.255.255.252 will generate server/client address pairs of the form (192.168.1.1/192.168.1.2),
(192.168.1.5/192.168.1.6), (192.168.1.9/192.168.1.10)…
255.255.255.252 will generate server/client address pairs of the form (192.168.1.1/192.168.1.2),
(192.168.1.5/192.168.1.6), (192.168.1.9/192.168.1.10)…
11.1.4 PAP/CHAP Authentication
11.1.4.1 Users Profiles
11.1.4.1 Users Profiles
By default the server will accept modem calls from all clients after PPP is enabled. In order to
restrict connections to specific clients, up to ten profiles including a user name and password
may be configured. The client must be configured to use one of these profiles in order to
connect.
restrict connections to specific clients, up to ten profiles including a user name and password
may be configured. The client must be configured to use one of these profiles in order to
connect.
Note: Authentication
validates
computer systems, not users. After the connection to the client computer is
authenticated, any users of that system or any other hosts that can route packets to that computer
will be able to issue packets to the server.
will be able to issue packets to the server.
11.1.4.2 Using PAP
The Password Authentication Protocol (PAP) verifies the identity of the client in a two-step
process:
process:
• After the PPP link establishment phase is complete, the client sends its username and
password repeatedly (in clear text).
• The RuggedCom device will acknowledge the authentication or terminate the connection.
The client may also use PAP to authenticate the server. This is known as two-way
authentication. When two-way authentication is required, configure the outgoing PAP password.
A separate authentication will proceed in the reverse direction (i.e. the server will send the
password and the client will issue the acknowledgement).
authentication. When two-way authentication is required, configure the outgoing PAP password.
A separate authentication will proceed in the reverse direction (i.e. the server will send the
password and the client will issue the acknowledgement).
11.1.4.3 Using CHAP
The Challenge Handshake Authentication Protocol (CHAP) verifies the identity of the client in a
three-step process:
three-step process: