Token Caching
Otherwise, the router sends the request to the source of the interesting packet received if the interesting packet is an IP packet. The router sends the request to the designated client if the interesting packet is not an IP packet.
Step 3 The agent software recognizes the UDP/IP packet and opens an authentication window on the terminal. The user enters the username and token. The agent organizes the information into the PAP and CHAP username and password, based on the router configuration. It then sends the username and password back to the router as a reply packet.
Step 4 The reply packet is received, and the router opens an ISDN connection with Network Access Server (NAS).
Step 5 The router negotiates all
Step 6 Depending on which authentication protocol is negotiated, the router assembles a PAP request or CHAP response packet and sends it to NAS. If authentication fails, NAS passes the failure message from authentication, authorization, and accounting (AAA) to the router. The router sends one more request to the agent with a message to retry once more. If authentication fails again, the router sends another PAP request with the pppautheninfotype parameter set to
Token Caching
Cisco 700 series routers do not do token caching. A token is cached at the client, and the client sends the router the cached token in response to the authentication request from a link that uses a multilink PPP bundle. With its
There are two authentication modes, PAP and CHAP local secret, shown in the following figures.
