I've been recently testing an NPS server to handle RADIUS requests for our network devices, using active directory. Most tutorials I have followed have set the authentication method to be "Unencrypted authentication (PAP, SPAP)" on the server side. This has worked fine for me but raises security concerns and I was wondering what others have done? - The problem is, I can only seem to get the unencrypted authentication method to work, other methods like 'encrypted authentication (CHAP)' just won't allow me to log in.
Does anyone have any insight?
Thanks.
![pap.PNG pap.PNG](https://community.cisco.com/t5/image/serverpage/image-id/39927i6346B552AF3DDBBD/image-size/large?v=v2&px=999)