cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

212
Views
0
Helpful
1
Replies
Highlighted
Beginner

Difference between PAP vs CHAP for RADIUS authentication

Can anyone describe how PAP works between ASA and Microsoft NPS for RADIUS authentication and how MS-CHAP is different?

Please don't tell me that PAP sends the password in clear text. I have taken PCAPs and I see no clear text shared secret or passwords being transmitted between the ASA and NPS. I'm trying to understand the risk if I choose to allow PAP so that we can use all Azure MFA options including one-way text message, OATH hardware tokens and mobile app verification code.

Everyone's tags (5)
1 REPLY 1
Highlighted
Beginner

Re: Difference between PAP vs CHAP for RADIUS authentication

I also realize that the ASA and NPS use the shared secret key to encrypt communication between the two but what am I missing. What drawback should I be considering for not using PAP in this instance?