Authentication in PPP
PPP can support authentication operations at the beginning of a connection. In some cases reauthentication is also possible during a session. Endpoints negotiate authentication in the same manner as other options. Authentication is pee r to peer again without distinction between calling and called parties. This allows either or both endpoints to request authentication credentials from each other. In fact the protocols for passing credentials may be differently may be different for each endpoint. The default is no authentication required. However you can configure you PPP software to require it.
The authenticating state of a PPP connection follows the establishing state if either endpoint agrees tousle an authentication protocols. Otherwise the connection transitions immediately to eh network state skipping authentication steps altogether. The two common authentication protocols authentication protocols are:
a.The password authentication protocols (PAP)
b.The challenge handshake authentication protocols ( CHAP)
These protocols have assigned numbers and are arguments to the authentication protocols options PPP endpoints include in LCP configure packets. As usual if one PPP endpoint requests its peer to authenticate itself with a protocols the peer doesn't understand the peer rejects it in an LCP configure nak response. This endpoint may propose another protocols its peer understand or terminate the connection.
Each authentication protocols has well defined procedures regarding the messages that endpoint must send and receive during the authenticating state. Besides PSP and CHAP there are other extensible authentication protocols in development and there exists several proprietary protocols as well.