|
|
This chapter describes the function and displays the syntax of each command available to configure Point-to-Point Protocol (PPP) for wide-area networking on your router. For more information about defaults and usage guidelines, see the corresponding chapter of the Wide-Area Networking Command Reference.
To enable automatic detection of the encapsulation types in operation over a point-to-point link to a specified serial or ISDN interface, use the autodetect encapsulation interface configuration command. To disable automatic, dynamic detection of the encapsulation types in operation on a link, use the no form of this command.
autodetect encapsulation encapsulation-type| encapsulation-type | One or more of the encapsulation keywords v120, and ppp. |
To shut down a specified tunnel and all the MIDs within it, use the clear vpdn tunnel EXEC command.
clear vpdn tunnel network-access-server gateway-name| network-access-server | Name of the network access server at the far end of the tunnel, probably the point of presence of the public data network or the Internet Service Provider's. |
| gateway-name | Host name of Home Gateway at the local end of the tunnel. |
To enable callback security, use the dialer callback-secure interface configuration command.
dialer callback-secureTo enable an interface to make return calls when callback is successfully negotiated, use the dialer callback-server interface configuration command.
dialer callback-server [username dialstring]| username | (Optional) Identifies the return call by looking up the authenticated host name in a dialer map command. This is the default. |
| dialstring | (Optional) Identifies the return call during callback negotiation. |
To set the Point-to-Point Protocol (PPP) as the encapsulation method used by a serial or ISDN interface, use the encapsulation ppp interface configuration command.
encapsulation pppTo associate a virtual template with a virtual template interface, use the interface virtual-template global configuration command.
interface virtual-template number| number | Number used to identify the virtual template interface. |
To define a virtual template from which the specified Multilink PPP bundle interface can replicate its interface parameters, use the multilink virtual-template global configuration command.
multilink virtual-template number| number | Number of the virtual template; an integer in the range 1 through 9. |
To reenable the creation of peer neighbor routes on an interface once this default behavior has been disabled, use the peer neighbor-route interface configuration command. To disable the default behavior of creating a neighbor route for the peer on a point-to-point interface, use the no form of this command.
peer neighbor-routeTo specify the order in which the CHAP or PAP protocols are requested on the interface, use the ppp authentication interface configuration command. Use the no form of the command to disable this authentication.
ppp authentication {chap | chap pap | pap chap | pap} [if-needed] [list-name | default]| chap | Enables CHAP on a serial interface. |
| pap | Enables PAP on a serial interface. |
| chap pap | Enables both CHAP and PAP, and performs CHAP authentication before PAP. |
| pap chap | Enables both CHAP and PAP, and performs PAP authentication before CHAP. |
| if-needed | (Optional) Used with TACACS and XTACACS. Do not perform CHAP or PAP authentication if the user has already provided authentication. This option is available only on asynchronous interfaces. |
| list-name | (Optional) Used with AAA/TACACS+. Specifies the name of a list of TACACS+ methods of authentication to use. If no list name is specified, the system uses the default. Lists are created with the aaa authentication ppp command. |
| default | (Optional) Used with AAA/TACACS+. Created with the aaa authentication ppp command. |
| callin | Specifies authentication on incoming (received) calls only. |
To enable half-bridging of AppleTalk packets across a serial interface, use the ppp bridge appletalk interface configuration command.
ppp bridge appletalkTo enable half-bridging of IP packets across a serial interface, use the ppp bridge ip interface configuration command.
ppp bridge ipTo enable half-bridging of IPX packets across a serial interface, use the ppp bridge ipx interface configuration command.
ppp bridge ipx [novell-ether | arpa | sap | snap]| novell-ether | Use Novell's Ethernet_802.3 encapsulation. This is the default. |
| arpa | Use Novell's Ethernet_II encapsulation. |
| sap | Use Novell's Ethernet_802.2 encapsulation. |
| snap | Use Novell Ethernet_Snap encapsulation. |
To enable a dialer interface that is not a data terminal ready (DTR) interface to function either as a callback client that requests callback or as a callback server that accepts callback requests, use the ppp callback interface configuration command.
ppp callback {accept | request}| accept | Enables this dialer interface to accept PPP callback requests (and function as the PPP callback server). |
| request | Enables this dialer interface to request PPP callback (and function as the PPP callback client). |
Use the ppp chap hostname interface configuration command to create a pool of dialup routers that all appear to be the same host when authenticating with CHAP. To disable this function, use the no form of the command.
ppp chap hostname hostname| hostname | Name to be sent in the CHAP challenge. |
To configure a common CHAP secret to be used in responses to challenges from an unknown remote peer in a collection of routers that do not support this command (such as routers running older Cisco IOS software images), use the ppp chap password interface configuration command. To disable this function, use the no form of this command.
ppp chap password secret| secret | Secret used to compute the response value for any CHAP challenge from an unknown peer. |
To configure software compression for Point-to-Point Protocol (PPP) encapsulation, use the ppp compress interface configuration command. To disable compression, use the no form of this command.
ppp compress [predictor | stac]| predictor | (Optional) Specifies that a predictor compression algorithm will be used. |
| stac | (Optional) Specifies that a Stacker (LZS) compression algorithm will be used. |
To enable Multilink PPP on ISDN interfaces, use the ppp multilink interface configuration command. To disable Multilink PPP on ISDN interfaces, use the no form of this command.
ppp multilinkTo enable remote PAP support for an interface and use the sent-username and password in the PAP authentication request packet to the peer, use the ppp pap sent-username interface configuration command. Use the no form of this command to disable remote PAP support.
ppp pap sent-username username password password
no ppp sent-username
| username | Username sent in the PAP authentication request. |
| password | Password sent in the PAP authentication request. |
| password | Must contain from 1 to 25 uppercase and lowercase alphanumeric characters. |
To enable Link Quality Monitoring (LQM) on a serial interface, use the ppp quality interface configuration command. Use the no form of this command to disable LQM.
ppp quality percentage| percentage | Specifies the link quality threshold. Range is 1 to 100. |
To define a named stack group and make the system a member of that stack group, use the sgbp group global configuration command.
sgbp group name| name | Name of the stack group the system belongs to. |
To specify the host name and IP address of a router or access server to be a peer member of a stack group, use the sgbp member global configuration command.
sgbp member peer-name [peer-ip-address]| peer-name | Host name of the peer member. |
| peer-ip-address | (Optional) IP address of the peer member. If the domain name system (DNS) can perform a lookup on the peer-name value, the IP address is not required. Otherwise, it must be specified. |
To set the bidding level that a stack group member can bid with for a bundle, use the sgbp seed-bid global configuration command.
sgbp seed-bid {default | offload | bid}| default | If set across all members of a stack group, indicates that the member which receives the first call for a certain user always wins the bid and hosts the master bundle interface. All subsequent calls to the same user received by another stack group member will project to this stackgroup member. This is the default. |
| offload | Indicates that this router is a relatively higher powered stack group member, is to function as an offload server, and host the master bundle interface. |
| bid | Bid level, an integer in the range 0 through 9999. |
To display bundle information for the Multilink PPP bundles, use the show ppp multilink EXEC command.
show ppp multilinkTo display the status of the stack group members, use the show sgbp EXEC command.
show sgbpTo display the current seed bid value, use the show sgbp queries EXEC command.
show sgbp queriesTo display information about active Level 2 Forwarding (L2F) protocol tunnel and Level 2 Forwarding (L2F) message identifiers in a virtual private dialup network, use the show vpdn EXEC command.
show vpdnTo specify the password to be used in the PPP Challenge Handshake Authentication Protocol (CHAP) caller identification and Password Authentication Protocol (PAP), use the username command.
username name password secret| name | Host name, server name, user ID, or command name. |
| password | An encrypted password for this username. |
| secret | For CHAP authentication only; specifies the secret password for the local router or access server or the remote device. To prevent the secret from being stolen, it is encrypted when it is stored on the local router or access server. The secret can consist of any string of up to 11 printable ASCII characters. There is no limit to the number of username-password combinations that can be specified, allowing any number of remote devices to be authenticated. |
To enable virtual private dial-up networking on the router and inform the router to look for tunnel definitions in a local database and on a remote authorization server (home gateway), if one is present, use the vpdn enable global configuration command.
vpdn enableTo cause the home gateway to issue its own CHAP challenge even if one has already been issued from the network access server, use the vpdn force-local-chap global configuration command. To disable the home gateway's issuing its own CHAP challenge, use the no form of this command.
vpdn force-local-chapTo specify the local name to use for authenticating and the virtual template to use for building interfaces for incoming connections when a Level 2 Forwarding (tunnel) connection is requested from a certain remote host, use the vpdn incoming global configuration command.
vpdn incoming remote-name local-name virtual-template number| remote-name | Case-sensitive name of the remote host requesting the connection. |
| local-name | Case-sensitive local name to use when authenticating back to the remote host. |
| virtual-template number | Virtual template to use for building interfaces for incoming calls. |
To specify the name and IP address of a remote host and the name to use when authenticating a tunnel for forwarding traffic to the remote host on a virtual private dialup network, use the vpdn outgoing global configuration command.
vpdn outgoing domain-name local-name ip ip-address| domain-name | Case-sensitive name of the domain to forward traffic to. |
| local-name | Local name to use when authenticating the tunnel to the remote host. |
| ip-address | IP address of the remote host. |
|
|