Authentication is a feature that needs to be implemented correctly or the security of your serial connection may be compromised. Always verify your configuration with the show interfaces serial command, in the same way as you did without authentication.
Note: Never assume your authentication configuration works without testing it. Debugging allows you to confirm your configuration and correct any deficiencies. For debugging PPP authentication, use the debug ppp authentication command.
The figure shows an example output of the debug ppp authentication command. The following is an interpretation of the output:
Line 1 says that the router is unable to authenticate on interface Serial0 because the peer did not send a name.
Line 2 says the router was unable to validate the CHAP response because USERNAME pioneer was not found.
Line 3 says no password was found for pioneer. Other possible responses at this line might have been no name received to authenticate, unknown name, no secret for given name, short MD5 response received, or MD5 compare failed.
In the last line, the code 4 means that a failure has occurred. Other code values are as follows:
- 1 - Challenge
- 2 - Response
- 3 - Success
- 4 - Failure
- id - 3 is the ID number per LCP packet format
- len - 48 is the packet length without the header