PPP - Point-to-Point Protocol - is the WAN encapsulation that survived. Frame Relay died, X.25 died, ATM mostly died, but PPP is still on every serial WAN link, every dial-up backup, every long-haul leased line that has not been replaced with Ethernet. CHAP is its authentication. This lab walks through the configuration and the canonical debug output, with one important caveat.
About the captures in this lab: the PingLabz CCNA Base Topology uses iol-xe nodes, which are Ethernet-only. Real serial interfaces are not available in CML Free with iol-xe. The debug output shown below is the documented illustrative output from Cisco's published PPP debug examples, clearly labeled. If you want to capture the exact same output yourself, build a 2-router lab with the iol-xe-serial-4eth node definition (available in CML Free) and apply the same configurations to a Serial interface.
What you will learn
- How PPP encapsulates higher-layer protocols on a point-to-point link
- The two PPP authentication methods: PAP (plain-text, deprecated) and CHAP (challenge-handshake, the modern default)
- The PPP state machine: LCP up, authentication, NCP up
- The configuration commands:
encapsulation ppp,ppp authentication chap,username <remote-hostname> password <shared-secret> - How to read
debug ppp authenticationoutput to confirm the handshake
What this lab does NOT cover
- PAP authentication. PAP sends passwords in plain text. Do not use it. CHAP exists as the secure alternative.
- PPPoE (PPP over Ethernet) used for DSL. Different transport, similar protocol.
- MLPPP (Multilink PPP) for bonding multiple serial links.
The two-router scenario
Imagine two routers, RA and RB, connected by a serial link:
STRONG_SECRETSTRONG_SECRET
