Setting up PPPoE on Linksys WRT1900ACS & CenturyLink Fiber

Hello. First post on these forums. I apologize in advance for the wall of text.

I'm moving to CenturyLink fiber, new out in my area. CenturyLink provides a Zyxel C3000Z router with the service, but I'd like to use a WRT1900ACS with OpenWrt.

CenturyLink authenticates the WAN connection using PPPoE, and needs the router to run with VLAN ID=201. No problems there. I can set up the VLAN ID in LuCI, and the server on CenturyLink's end responds as expected.

However, I can't get PPPoE to authenticate correctly. The Zyxel router has an entry for the PPPoE username and password in its setup screens. The username is displayed in plain text but it won't display the password.

I called customer support and they told me the password. I've tried the password that they gave me (in plaintext) via OpenWrt and it doesn't connect correctly. I've tried a few capitalization variations as well and it's the same.

There is a "configuration save" option on the Zyxel router. I downloaded the file and looked through for anything that might have been a password. Turns out there's a base64-encoded password with the XML tag "BackupPassword" under the X_404A03_DefaultPPPConfig tag, which seemed promising, so I went ahead and decoded it. It turns out to be 32 bytes long, the first 8 are the ASCII string "Salted__" and the rest looks like line noise (24 random-looking bytes).

I suspect that they hash the password in the router so that the original can't be found, and then the hash is used as the secret for CHAP authentication. Of course, I'm not sure if the "SALTED__" part is part of the secret, or if there is a salt in the other 24 bytes along with the hash of the password, or what hash function is used...

So I had a couple of things to ask.

  • Is there a way via the CLI in OpenWrt to initiate a PPPoE connection? I'd prefer not to have to keep doing this testing via LuCI if I can avoid it - I'd prefer to start the connection and then check the log files via an ssh connection.

  • How can I try to initiate a connection using a non-ASCII secret for CHAP authentication? I'm sure I can add a /etc/ppp/chap-secrets file but I have no idea how to represent that hashed password I got from the XML config file properly.

I'm going to try to escalate customer service at CenturyLink to get a better idea of what's happening with their router to try to replicate it with my OpenWrt router. However, if you have any other ideas I might try, I'd sure appreciate it.

Thanks in advance.

Welcome to the OpenWrt forum!

ifup wan

To authenticate via CHAP, the client must know the plaintext password.

I suspect the password is encrypted, not hashed, because the plaintext password must be recovered when the config is restored from the file.

Retrieving the password is not really OpenWrt-specific. How about searching the web?
When I tried, this was one of the first results:
How to Find Your CenturyLink PPP Password on a Zyxel C1000Z Modem
It is a different model, but from the same vendor. I could not proceed since I don't own any of these devices.
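
Added example, not part of any post in this thread: the "Salted__" prefix described in the first post matches the container that `openssl enc` writes when it uses a salt (8-byte marker, 8-byte salt, then ciphertext). Assuming the Zyxel blob follows that layout, which the thread does not confirm, this Python code splits a base64 value into its parts; the sample blob is constructed, not taken from a real config file.

```python
import base64
import binascii

MAGIC = b"Salted__"  # marker written by `openssl enc` for salted output
SALT_LEN = 8         # the salt in that layout is always 8 bytes

# Constructed 32-byte sample with the same shape as the blob in the post:
# 8-byte marker + 8-byte salt + 16 bytes standing in for ciphertext.
SAMPLE_B64 = base64.b64encode(
    MAGIC + bytes(range(8)) + bytes(range(16, 32))
).decode()


def parse_salted_blob(b64_text):
    """Split a base64 'Salted__' blob into salt and ciphertext.

    Raises ValueError if the input is not base64, lacks the marker,
    or is too short to hold the salt.
    """
    try:
        # XML values are often wrapped; drop whitespace before decoding.
        raw = base64.b64decode("".join(b64_text.split()), validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64: {exc}") from exc
    if not raw.startswith(MAGIC):
        raise ValueError("missing 'Salted__' marker")
    if len(raw) < len(MAGIC) + SALT_LEN:
        raise ValueError("truncated: no room for the 8-byte salt")
    salt = raw[len(MAGIC):len(MAGIC) + SALT_LEN]
    ciphertext = raw[len(MAGIC) + SALT_LEN:]
    return {
        "total_len": len(raw),
        "salt": salt,
        "ciphertext": ciphertext,
        # Block sizes (bytes) the ciphertext length is a whole multiple of:
        # 8 for DES/3DES-style ciphers, 16 for AES.
        "fits_block_sizes": [
            bs for bs in (8, 16) if ciphertext and len(ciphertext) % bs == 0
        ],
    }


if __name__ == "__main__":
    info = parse_salted_blob(SAMPLE_B64)
    print("total bytes:", info["total_len"])
    print("salt (hex):", info["salt"].hex())
    print("ciphertext bytes:", len(info["ciphertext"]))
    print("fits block sizes:", info["fits_block_sizes"])
```

Under this layout, the 24 "random-looking" bytes are 8 bytes of salt followed by 16 bytes of ciphertext, and neither part is usable as a CHAP secret on its own.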

Hey,

Sorry for the delay. Been extra busy and going round and round with CenturyLink.

Thanks for the clue on using 'ifup wan' - really helped with testing.

I had seen the Zyxel C1000Z modem page you pointed me to previously - it was what inspired me to try OpenWrt. Unfortunately, they had a different scheme for password saving, so it was no luck there.

I think you're right about the password being encrypted - probably by using the time of saving the configuration as the encryption key. I made a couple of stabs at unlocking it but no luck.

However, I eventually got in touch with a CenturyLink customer support representative who knew the score, and got the PPPoE password simply by asking. So thanks, CenturyLink, for opening things up for customers, and thanks mpa for giving me a couple sniffs toward the correct resolution of the problem.