- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2015 09:55 AM - edited 03-10-2019 11:19 PM
I need to setup radius authentication for Cisco IOS devices for device management. My radius server is NAP on Windows 2008 R2.
Can I implement this with encrypted authentication? In the attached diagram, what protocol can I use for encrypted authentication?
According to some sites, we need to enable clear text authentication. Has anyone implemented the secure authentication such as ms chap?
Solved! Go to Solution.
- Labels:
-
AAA
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-14-2015 08:54 PM
HI,
You enable clear text authentication(PAP). Remember radius sends username in the clear but encrypts the password. You can confirm this taking a wireshark capture. You will also secure the radius encryption by using a long and complex radius key.
If you want to encrypt both username and password, then you would use TACACS
Thanks
John
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-14-2015 08:54 PM
HI,
You enable clear text authentication(PAP). Remember radius sends username in the clear but encrypts the password. You can confirm this taking a wireshark capture. You will also secure the radius encryption by using a long and complex radius key.
If you want to encrypt both username and password, then you would use TACACS
Thanks
John
