|
Posted by S. Pidgorny on July 26, 2007, 4:18 am
Please log in for more thread options
G'day,
Look for the IAS events in the system log and more detailed information in
the IAS log files (a good log viewer is cheap at
http://www.deepsoftware.com/iasviewer/).
There's only as much that we can help you. Cisco routers aren't all alike -
they have different versions of IOS etc. Switching to PAP was the solution
many years ago - they must be better now...
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
> Hi,
>
> We would like to use MS IAS as a RADIUS server for a centralized
> router management.
>
> We were able to make it work perfectly in PAP mode but as this exposes
> passwords we would like to use MS CHAP.
>
> When we just switch to MS CHAP (on the router and IAS) the
> authentication fails with AUTH_FAILURE. As there is no messages in
> Active Directory logs we conclude that the real authentication has
> never happened and the request has been rejected by IAS itself.
>
> Has anyone been able to make it work with MS CHAP?
> Do we need to activate reverse password encryption in Windows to make
> it work?
>
> Any advice will be appreciated
>
| 
XML Sitemap