Protocol recommendation
Olivier
oza.4h07 at gmail.com
Tue Apr 5 17:22:36 UTC 2022
Hello,
I've read this [1] article. It is very interesting but I would
appreciate some explaination about the final recommendations
paragraph.
Specifically, this paragraph contains:
"If MS-CHAPv2 is required for operational or inter-operability
reasons, we recommend running it over a secure management network. The
Microsoft MFA server does not support MFA with MS-CHAPv2. Or, running
TTLS + MS-CHAPv2. Though it has no benefits (and many drawbacks!) over
TTLS + PAP."
1. What does "we recommend running [MS-CHAPv2] over a secure
management network" implies, here ?
2. What does "Or, running TTLS + MS-CHAPv2" excatly means, here ?
[1] https://networkradius.com/articles/2022/02/20/how-authentication-protocols-work.html
[2] https://www.securew2.com/blog/pitfalls-of-eap-ttls-pap
Best regards
More information about the Freeradius-Users
mailing list