Ronnie
On Wednesday, February 04, 1998 4:21 PM, Darryl Ackernecht [SMTP:dackernecht@darefoods.com] wrote:
> We use Cisco 2509/2511s running Radius in text mode. We have been
> hard-coding passwords in the users file, but are now trying to get NT
> authentication working. We have been using CHAP on the Ciscos.
>
> If we test a user with a hard-coded password, both via radlogin and via a
> PPP connection with the Cisco, authentication works.
>
> When we take the same user, and change the password to point to
> "WINNT\DOMAIN" (where DOMAIN is our NT domain), radlogin authentication
> works, but PPP via the Cisco fails. The only difference that I could see
> between using radlogin vs the Cisco was that radlogin uses PAP, and our
> Cisco is setup for CHAP. Setting the Cisco to use PAP resolves the problem.
>
> I don't really understand why this would make a difference? Also, I'm not
> sure if it is that big of problem using PAP - doesn't radius perform
> encryption between the client and server?
>
> Any comments would be appreciated.
>
> Darryl Ackernecht
> dackernecht@darefoods.com
>
>
>
> ----------------------------------------------------------
> RadiusNT Mailing List lists@iea-software.com