Get Full Access to our 743 Cisco Lessons Now Start $1 Trial
You are here: Home » Cisco » CCNA Routing & Switching ICND2 200-105

Introduction to PPP on Cisco IOS Router

PPP is one of the WAN protocols that you can configure on Cisco IOS routers. We will take a look how PPP works and how to configure it. Do you still remember how the OSI model works?

PPP NCP LCP

PPP operates on the data link layer (layer 2) but as you can see the data link layer has been split into two pieces:

  • NCP: Network Control Protocol
  • LCP: Link Control Protocol

Let’s start with LCP:

PPP LCP

LCP takes care of setting up the link. If you enable authentication for PPP it will take care of authentication. Once the link has been setup we use NCP.

PPP NCP

NCP will make sure you can run different protocols over our PPP link like IP, IPv6 but also CDP (Cisco Discovery Protocol) and older protocols like IPX or AppleTalk.

So in short if you enable PPP on both routers this is what happens:

  1. LCP: Takes care of setting up the link.
  2. (Optional): Authentication.
  3. NCP: Makes sure we can send IP and other protocols across our PPP link.

Let’s see what authentication is about:

r1 r2 ppp username password

I have two routers; the router on the left side is called R1. If you want to use authentication for PPP you have two options:

  • PAP (Password Authentication Protocol): This is plaintext! It will send the username and password over the PPP link and the router on the other side will check it.
  • CHAP (Challenge Handshake Authentication Protocol): Instead of sending the password in plaintext we are going to send a “challenge” which is a hash of the password. This is far more secure.

In the example above we are using PAP:

  • On the left side we have a router with hostname R1.
  • On the right side we have a router without a hostname but it has the username R1 and password VIDEO configured in a local database.
  • PPP will start setting up the link by using LCP.
  • Since authentication is enabled our router on the right side will authenticate R1:
    • R1 will send its hostname and the password in plaintext.
    • The router on the right side will accept or deny the credentials.
    • If everything is ok PPP will work and we are authenticated.

PAP is very simple but sending a username and password in plaintext is not a very secure method. Let’s see how CHAP works:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You’ve Ever Spent on Your Cisco Career!
  • Full Access to our 743 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

Give Membership a try - it's just $1 ►

616 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags:

Forum Replies

  1. Have you ever encountered this scenario?

    Jan 15 15:23:36.968: Se0/2/0:0 LCP: I PROTREJ [Open] id 1 len 10 protocol CDPCP (0x820701010004)
Jan 15 15:23:36.968: Se0/2/0:0 CDPCP: State is Closed
Jan 15 15:23:36.968: Se0/2/0:0 CDPCP: State is Listen

    And because of this, interface is not bundling up in a multilink. As you can see that the inbound packet is telling the device that the protocol CDPCP is being rejected.

  2. Hi Ali,

    Do you have the complete debug for this? Normally I only see this when the PPP session is going down, for example when authentication fails or something.

    Rene

  4. Hi Rene,

    Can we sub-interfaces in PPP to establishment more than one PPP connection on the same physical interface ?

    thanks.

  5. Hi Hussein,

    PPP encapsulation on serial interfaces only works on the physical interface. If you want to get creative then you could run PPPoE on Ethernet sub-interfaces or PPP over frame-relay on sub-interfaces though.

    Rene

43 more replies! Ask a question or join the discussion by visiting our Community Forum