Hello there, i am evaluating ACS 5.3 with an ASA5505, by using password management in the IPSec tunnel config i am able to authenticate the VPN clients using mschapv2, however, the SSH sessions are authenticated using PAP
I have looked for days and days for an answer without success, is this by design?
Cisco documents state that SSH can be authenticated via TACACS with PAP,CHAP or MSCHAPv1, however, i have no idea how to get this done. It seems to be default to PAP
From Cisco Doc:
TACACS+ Server Support
The security appliance supports TACACS+ authentication with ASCII, PAP, CHAP, and MS-CHAPv1
Ps: I know the "test" feature on ASA uses PAP.
Thanks!