cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Bookmark
|
Subscribe
|
900
Views
0
Helpful
1
Replies

Cisco Radius Authentication with Windows NAP with Encrypted Authentication

QUARK TARO
Level 1
Level 1

I need to setup radius authentication for Cisco IOS devices for device management. My radius server is NAP on Windows 2008 R2. 

Can I implement this with encrypted authentication? In the attached diagram, what protocol can I use for encrypted authentication?

According to some sites, we need to enable clear text authentication. Has anyone implemented the secure authentication such as ms chap?

1 Accepted Solution

Accepted Solutions

johnd2310
Level 8
Level 8

HI,

You enable clear text authentication(PAP). Remember radius sends username in the clear but  encrypts the password. You can confirm this taking a wireshark capture. You will also secure the radius encryption by using a long and complex radius key.

If you want to encrypt both username and password,  then you would use TACACS

Thanks

John 

**Please rate posts you find helpful**

View solution in original post

1 Reply 1

johnd2310
Level 8
Level 8

HI,

You enable clear text authentication(PAP). Remember radius sends username in the clear but  encrypts the password. You can confirm this taking a wireshark capture. You will also secure the radius encryption by using a long and complex radius key.

If you want to encrypt both username and password,  then you would use TACACS

Thanks

John 

**Please rate posts you find helpful**