Unauthenticated Connections

Windows 2000 also supports unauthenticated PPP connections. In an unauthenticated PPP connection, the authentication phase of the PPP connection establishment is skipped. Neither the remote access client or the remote access server exchange credentials. The use of unauthenticated PPP connections must be carefully considered, as connections are allowed without verifying the identity of the remote access client.

There are two common cases where unauthenticated connections are desired:

  1. When using Automatic Number Identification/Calling Line Identification (ANI/CLI) authentication, the authentication of a connection attempt is based on the phone number of the caller. ANI/CLI service returns the number of the caller to the receiver of the call and is provided by most standard telephone companies.
    ANI/CLI authentication is different from caller ID authorization. In caller ID authorization, the caller sends a valid user name and password. The caller ID that is configured for the dial-in property on the user account must match the connection attempt; otherwise, the connection attempt is rejected. In ANI/CLI authentication, a user name and password are not sent.

  2. When using guest authentication, the Guest account is used as the identity of the caller.

For information about procedures to implement these common unauthenticated connection scenarios, see Windows 2000 Server Help.