Security Settings Security SettingsThe Security page specifies which authentication protocols are used and the associated user names and passwords. Authentication verifies the identity of each peer when establishing a PPP connection. The authenticator is defined as the end of the link requiring authentication. Each end of the link independently requires authentication so both ends may require authentication, only one end or the other may require authentication, or neither end may require authentication.
The adapter supports two standard authentication protocols used with PPP:
PAP Password Authentication Protocol (RFC1334)
A clear text user name and password are sent to the authenticator. If the user name and password are correct the authenticator responds with a positive acknowledgement and continues with link negotiation. If the user name or password is incorrect, the authenticator responds with a negative acknowledgement and either terminates the connection or waits for another user name and password attempt.
CHAP Challenge Handshake Authentication Protocol (RFC1994)
The authenticator sends a challenge to the remote peer. The peer responds with an encrypted response based on the challenge and the password. The authenticator verifies the response and sends a positive or negative acknowledgement to the peer. This protocol is superior to PAP in that the password itself is never sent across the link.
NOTE:
Microsoft uses a proprietary and incompatible version of CHAP called MS-CHAP. Microsoft RAS and RRAS do not support CHAP as an authenticator but do support being authenticated by a remote peer with CHAP. When connecting to RAS/RRAS operating as an authenticator, use the PAP protocol. This is done by selecting ‘Accept any authentication including clear text’ in the RAS/RRAS server network setup.
The local Windows computer is the authenticator requiring authentication from the remote peer.
Authentication Protocol
This pull down list selects the protocol used by the local Windows computer to authenticate the remote peer. The local Windows computer is the authenticator. If the remote peer does not recognize or support the selected protocol, or sends the wrong credentials then the adapter terminates the connection. If no authentication is required then select ‘None’.
User Name
The user or host name required by the authenticator.
Password
The password or secret required by the authenticator for the specified user name.
The remote peer is the authenticator requiring authentication from the local Windows computer.
Authentication Protocol
This pull down list selects the protocol used by the remote peer to authenticate the local Windows computer. The remote peer is the authenticator. If the remote peer does not request authentication then these settings have no effect. If the remote peer requires authentication but refuses to negotiate the selected protocol then the adapter terminates the connection. If the remote peer does not accept the local credentials then the adapter terminates the connection. If no authentication is required then select ‘None’.
User Name
The user or host name required by the authenticator.
Password
The password or secret required by the authenticator for the specified user name.