When would you need this: When you are creating a WAN link. And also when the other end of a WAN link is NOT a Cisco router. Point-to-Point Protocol can be used in synchronous, asynchoronous, HSSI, and ISDN links.

Special Requirements: None.



1. Get to the interface configuration mode and issue the following command,

Router(config-if)#encapsulation ppp

2. If you want to configure authentication (which is almost always the case), go through the following steps:

a. Choose the authentication type; Password Authentication Protocol (PAP), or Challenge Handshake Authentication Protocol (CHAP).

Router(config-if)#ppp authentication XXX

where XXX is the authentication type which can be: pap, chap, pap chap, or chap pap. The last two choices are to use the other authentication type when the first one fails.

CHAP is strongly recommended over PAP for two reasons. First, PAP sends the username and password in plaintext, while CHAP sends hashed challenges only. Second is that CHAP does an operation similar to periodic re-authentication in the middle of the communication session such that it provides more security than PAP.

b. Set a username and a password that the remote router would use to connect to your local router. You can define many username-password pairs for many PPP connections to the same router.

Router(config)#username USER password PASS

where USER is the host name of the remote router, and PASS is its password. Issue this command once for each PPP connection. For example if you are connecting RouterA to RouterB and RouterC, on RouterA issue this command once for each remote router.

c. Now you can set the username and password that you local router would use to access the remote router. For PAP authentication, you can specify the username and password that the local router will send to the remote router for authentication using the following command,

Router(config-if)#ppp pap sent-username USER passwrod PASS

For CHAP, two commands are used,

Router(config-if)#ppp chap hostname USER

Router(config-if)#ppp chap password PASS

The usernames and passwords are case sensitive, so be careful when writing them. This way, you will have to write the hostname and secret password of the remote router in your local router and write the hostname and secret password of your local router into your remote using the 'username' command.

If you do not set the username and password that will be sent from the local router to the remote router for authentication, the router will use its hostname and secret password instead.

3. You can monitor the quality of the serial link that is using PPP with the following command,

Router(config-if)#ppp quality PERCENT

where PERCENT is the minimum accepted link quality. If the link quality drops below PERCENT, the link will be shutdown and considered bad.

4. If the available bandwidth is small, you might consider compressing the data being transmitted using the following command,

Router(config-if)#ppp compress YYY

where YYY is the compression type which can be predictor or stacker.

Note: The compression might affect the system performance because it increases the CPU load. Check the CPU load with ‘show process cpu’ and disable the compression if the CPU load is over 65%.

5. To troubleshoot PPP, you can use the following commands,

Router#debug ppp negotioations

Router#debug ppp packets

Router#debug ppp errors

Router#debug ppp authentication