cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

2246
Views
5
Helpful
4
Replies
hradhanp
Cisco Employee

Using CHAP with TACACS

 Can we use CHAP instead of PAP for device administration. If yes, how we can configure ACS/lSE to achieve this?

1 ACCEPTED SOLUTION

Accepted Solutions
Surendra
Cisco Employee

It is primarily a configuration on the Network Device. On the ISE, you can navigate to Policy > Policy Elements > Results > Authentication > Allowed Protocols, to allow CHAP or any other protocol. On the ACS, it would be Access Policies > [ Click on Access Service Name] > Allowed Protocols

View solution in original post

4 REPLIES 4
Surendra
Cisco Employee

It is primarily a configuration on the Network Device. On the ISE, you can navigate to Policy > Policy Elements > Results > Authentication > Allowed Protocols, to allow CHAP or any other protocol. On the ACS, it would be Access Policies > [ Click on Access Service Name] > Allowed Protocols

View solution in original post

Any configuration required on the Network Device? We have already configured the policy in ACS/ISE.

Configuration depends on the Network Device make and model. Would suggest you check documentation of those devices for the same.

I have this problem too and was solved it by:

ACS > Access Policies > Access Service Name > Allowed Protocols

 

 

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel