[Oberon] PPP - PAP and CHAP

[Paul Reed]

Ghost in the Machine wrote:

> I have my modem working but did find that my ISP wants CHAP authentication
> and not PAP as I had thought.  I've apparently been lucky.  I've setup DOS,
> Windows 3.1, NewDeal, Linux, and others assuming they should do PAP and
> somehow managed to get all of them to connect to my ISP. :-|

Careful!  Do you mean RFC1994 CHAP (the standard) or
the Microsoft-perverted CHAP (of which there is more
than one version!).  And what hash function do
they want you to use (MD5 etc.)?

If your ISP definitely only supports CHAP then it
may be that they don't really know what they're
doing and they are just using Microsoft kit or 
plug and play routers.  They may, on the other 
hand, know EXACTLY what they are doing.  It just 
makes me suspicious.

By the way, some experts say there are no clear 
advantages to using CHAP instead of PAP on a 
dial-up; it's not necessarily more secure, despite 
what the standard might say.  Both have weaknesses.

If you still have a working Linux PPP setup, it's
worth using it to find out PRECISELY what's going on.

There are two things you can do.  Firstly, you can
turn on a great deal of logging to look at what 
type of packets are being exchanged, and what
protocols are being agreed on.

Secondly, you can selectively disable PPP features
to force the other side to select different protocols
and features.

Welcome to the wonderful world of PPP!

Hope this helps

Paul Reed