Ludovic MARCILLY writes: > Ok. So if i want my client to authenticate with CHAP, i have to put these options in my config file on the client side: > > refuse-pap > refuse-eap > refuse-mschap > refuse-mschap-v2 > > Am i right? No. If you want to authenticate with CHAP, then just put the right credentials into /etc/ppp/chap-secrets. That's all you need to do. For example, this in the pppd options: user lmarcilly and this in the /etc/ppp/chap-secrets file: lmarcilly * "my pass phrase" That's it. Those "refuse-*" options are there in case there's some reason you _MUST_ prevent yourself from using those other protocols when available. They're potential workarounds for unforseen cases. They're not meant to be used in most instances. In fact, that's true of most of the pppd options. The best configuration *BY FAR* is the one that sets the fewest options. The rest should be left to the default, which is generally chosen to be the most interoperable configuration. > I will test it now in order to be sure. > > And if i just configure authentication on the server? For example, no require-[pap|chap|eap|mschap|mschap-v2] and no refuse-[pap|chap|eap|mschap|mschap-v2] in the config file on the client side but just enable chap on the server side. Will it work? Yes. > Thanks a lot for your help. I have difficulties to understand the > require and refuse options. require == server refuse == client -- James Carlson 42.703N 71.076W <carlsonj@xxxxxxxxxxxxxxx> - To unsubscribe from this list: send the line "unsubscribe linux-ppp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html