cberrymd
asked on
Cisco ASA AAA Authentication - PAP Only?
I'm attempting to setup AAA authentication for ssh and console access on a Cisco ASA to bounce off a Windows Active Directory via RADIUS. I only allow MSCHAPv2. I have been able to get a remote access VPN to use only MSCHAPv2 by enabling password management on the connection profile, but the SSH and Console are not giving options that I see and by default attempt to use PAP (as seen by failure events in the Windows log). Is this possible?
ASKER
Yes, but I'm well past that - I certainly can get that part to work but not with MSCHAPv2 as opposed to PAP.
From what limited knowledge I have on network security (i just graduated in March this year with Associates) MSCHAPv2 authentication is used in point-to-point connections (PPP) therefore using MSCHAPv2 for telnet is impossible is it not? Different protocols am i right?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml#a2