cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

972
Views
5
Helpful
3
Replies
Highlighted
Cisco Employee

Using CHAP with TACACS

 Can we use CHAP instead of PAP for device administration. If yes, how we can configure ACS/lSE to achieve this?

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

It is primarily a configuration on the Network Device. On the ISE, you can navigate to Policy > Policy Elements > Results > Authentication > Allowed Protocols, to allow CHAP or any other protocol. On the ACS, it would be Access Policies > [ Click on Access Service Name] > Allowed Protocols

View solution in original post

3 REPLIES 3
Highlighted
Cisco Employee

It is primarily a configuration on the Network Device. On the ISE, you can navigate to Policy > Policy Elements > Results > Authentication > Allowed Protocols, to allow CHAP or any other protocol. On the ACS, it would be Access Policies > [ Click on Access Service Name] > Allowed Protocols

View solution in original post

Highlighted

Any configuration required on the Network Device? We have already configured the policy in ACS/ISE.
Highlighted

Configuration depends on the Network Device make and model. Would suggest you check documentation of those devices for the same.