On Sun, Dec 4, 2011 at 5:49 PM, Piotr <piotr.1234@interia.pl> wrote:
I changed type of authentication,on cisco asa, to PAP:
ASA(config)# sh run all | begin tunnel-group l2tp-ipsec ppp-attributes tunnel-group l2tp-ipsec ppp-attributes authentication pap no authentication chap no authentication ms-chap-v1 no authentication ms-chap-v2 no authentication eap-proxy
but i don't know why i stil get on FR:
rad_recv: Access-Request packet from host 10.62.1.1 port 1025, id=85, length=136 User-Name = "tom3" CHAP-Password = 0x01ccbbe398364421101d8b50e4cb59a46e
This is what the NAS send
FR try to authenticate via CHAP. I don't understand this, i'm little confused
FR doesn't try to invent something non existent. It simply process what the NAS sends. Ask your NAS vendor why it's still using CHAP. -- Fajar