cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1769
Views
0
Helpful
1
Replies

Difference between PAP vs CHAP for RADIUS authentication

zrunner626
Level 1
Level 1

Can anyone describe how PAP works between ASA and Microsoft NPS for RADIUS authentication and how MS-CHAP is different?

Please don't tell me that PAP sends the password in clear text. I have taken PCAPs and I see no clear text shared secret or passwords being transmitted between the ASA and NPS. I'm trying to understand the risk if I choose to allow PAP so that we can use all Azure MFA options including one-way text message, OATH hardware tokens and mobile app verification code.

1 Reply 1

zrunner626
Level 1
Level 1

I also realize that the ASA and NPS use the shared secret key to encrypt communication between the two but what am I missing. What drawback should I be considering for not using PAP in this instance?