In this example, neither host chose to authenticate the other using PAP or CHAP. Only login authentication was performed when the connection was initiated.
60 Link link_0 : Phase was ESTABLISH, Phase Now AUTHENTICATE 61 Link link_0 : Authentication Initialized 62 Link link_0 : CHAP Started 63 Link link_0 : PAP Started 64 Link link_0 : Authentication Complete 65 Link link_0 : CHAP Terminated 66 Link link_0 : PAP TerminatedIf the remote side refused to authenticate itself using the protocol (PAP or CHAP) requested by the local side, negotiation would fail and the connection would already have been dropped during the LCP phase. See ``Negotiate LCP parameters'' for more information.
If the remote side authenticates the local side using PAP, you should see messages such as the following if it succeeds:
PAP Sending Request. Name 'foo', Secret 'clydenw' PAP Message 'Authentication successful' PAP Authentication with Peer SucceededIf the local side authenticates the remote side using PAP, you should see messages such as the following if it succeeds:
Authentication Initialised (timeout 60 seconds) PAP Started PAP Received Request PAP Name 'foo', Secret 'clydenw' PAP Peer succeeded PAP authentication (Send Ack)If the remote side authenticates the local side using CHAP, you should see messages such as the following if it succeeds:
CHAP Received Challenge CHAP Peer Name 'barsoom' CHAP Sending response. Local name 'foo' CHAP Received SUCCESS CHAP Message 'Authentication successful' CHAP Authentication with Peer SucceededIf the local side authenticates the remote side using CHAP, you should see messages such as the following if it succeeds:
Authentication Initialised (timeout 60 seconds) CHAP Started CHAP Send Challenge. Name 'barsoom' PAP Started ... CHAP Received Response CHAP Peer Name 'foo' CHAP Received Valid Response (Send Success) Authentication - Peer name is 'foo' Authentication CompleteThe following sections detail cases where authentication might fail:
Authentication will fail and you will see one of the following warnings if the authentication database is configured incorrectly:
PAP WARNING No secret for the name peername CHAP WARNING No secret for the name peernameThe protocol will be shown as PAP or CHAP depending on the type of authentication being performed. The possible causes of such warnings are:
If the local host failed to authenticate itself with the remote host using PAP, you would expect to see messages such as the following before the connection was closed:
PAP Sending Request. Name 'foo', Secret 'clydenw' PAP Received Nak PAP Message 'Authentication failed' PAP Failed to authenticate with PeerThis may be because the local host gave the wrong password, or the remote host's authentication database did not contain a local PAP secret for the peer.
If the local host failed to authenticate the remote host (the peer) using PAP because the remote host gave the wrong password, you would expect to see messages such as the following before the connection was closed:
PAP Received Request PAP Name 'foo', Secret 'clydenw' PAP Peer failed PAP authentication (Send Nak)
If the local host failed to authenticate itself with the remote host using CHAP, you would expect to see messages such as the following before the connection was closed:
CHAP Received Challenge CHAP Peer Name 'barsoom.acme.com' CHAP Sending response. Local Name 'foo' CHAP Message 'Authentication failed' CHAP Failed to authenticate with PeerThis may be because the local host sent an incorrect response value calculated from an invalid secret, or the remote host's authentication database did not contain a local CHAP secret for the peer.
If the local host failed to authenticate the remote host (the peer) using CHAP because the remote host sent an incorrect response value calculated from an invalid secret, you would expect to see messages such as the following before the connection was closed:
CHAP Send Challenge. Name 'barsoom.acme.com' CHAP Received Response CHAP Peer Name 'foo' CHAP Received invalid Response (Send Fail)