6-10 CHAPTER 6: M ANUAL SETUPConfiguringAuthentication andEncryptionTo learn how to use CLI commands to configure authentication and encryption forthe OCR 812, please refer to the following: To configure authentication parameters, see set ppp receive_authentication[ANY | ANY_EXCEPT_MSCHAP | CHAP | MSCHAPV1 | MSCHAPV2 | NONE |PAP]. To configure a Windows 2000 Server for CHAP authentication, see ConfiguringWindows 2000 Server to Support CHAP Authentication. To configure MPPE encryption, see set tunnel name>encryption_algorithm [AUTO | MICROSOFT_128BIT | MICROSOFT_40BIT| MICROSOFT_56BIT | NONE | REQUIRED]. To set up MPPE, note that you must also configure the OCR 812 to use theMSCHAPv1 authentication protocol.To configure the OCR 812 to use MSCHAPv1, enter the set pppreceive_authentication [ANY | ANY_EXCEPT_MSCHAP | CHAP | MSCHAPV1| MSCHAPV2 | NONE | PAP] command and specify the MSCHAPv1 option. To learn more about MPPE, please visit the Microsoft corporate web site atwww.microsoft.com. To configure a Windows 2000 Server for L2TP encryption, see ConfiguringWindows 2000 Server to Support Encryption for L2TP Tunnels. To configure a Cisco Router for L2TP encryption, see Configuring a CiscoRouter to Support Encryption for L2TP Tunnels.Configuring Windows 2000 Server to Support CHAP AuthenticationMicrosoft supports CHAP authentication for both PPTP and L2TP tunnels.However, to configure CHAP authentication for a Windows 2000 Server, you mustensure that store pw using reversible encryption for all users in domain isset to enabled before adding users.If you add users before you enable store pw using reversible encryption for allusers in domain, you must enable the option and then re-enter the passwordsfor all users in the domain.To Configure authentication for your Windows 2000 Server.1 Set up the Windows 2000 Server with IP address 123.45.67.89.2 Add the authentication protocols you wish to use. See Authentication Options formore information.To configure CHAP authentication for your Windows 2000 Server, set store pwusing reversible encryption for all users in domain to enable, as follows:a Select Programs->Administrative Tools->Local Security Policy.b Select Security Settings\Account Policies\Password Policy.3 When prompted, enter the password secret.4 Add all users for the domain.