Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
770
Views
0
Helpful
1
Replies

ASA L2L IPSec + Radius Authenticator + how change authentication to CHAP

Piotr Pudelko
Level 1
Level 1

‎06-02-2011 07:02 AM - edited ‎03-10-2019 06:07 PM

Hello

How it looks like:

1. ASA terminale a L2L IPSec

2. ASA is a authenticator for employees by L2L IPsec using IAS Radius

What need:

How to change on ASA default Radius authentication PAP to CHAP?

I need that employees need to authenticate by IPSEC ASA in serwer RADIUS use a CHAP

regards Piter

Labels:
0 Helpful
1 Reply 1

Herbert Baerten
Cisco Employee
Cisco Employee

‎06-22-2011 04:55 AM

Hi Piotr,

sorry for the late response, I don't visit the AAA forum very frequently - as a general recommendation if you have  VPN+AAA related questions it might be better to post them in the forum.

Anyway, do you still need help with this? I'm not sure if I understand the setup entirely. When you say "ASA is a authenticator for employees by L2L IPsec using IAS Radius" do you mean Client VPN (aks remote access vpn) instead of L2L?

If so, then enabling "password-management" in the tunnel-group will switch from PAP to MSCHAPv2.

If on the other hand you mean that you are using proxy authentication (aaa authentication include ...) then I don't think this is possible, although in that case you may want to double check in the forum.

hth

Herbert

0 Helpful
Customers Also Viewed These Support Documents