I agree which is why the VPN NAS-Radius is not of value. In addition, if you don't diable PAP on the client or NAS, they'll still send it in clear text yet merely fail on your radius server...until they stop doing that.
On Tue, 5 Mar 2002, Frank Cusack wrote: > On Tue, Mar 05, 2002 at 10:38:58AM -0500, Alan DeKok wrote: > > Pat Crean <[EMAIL PROTECTED]> wrote: > > > Why not compromise and set up a vpn between your NAS and radius > > > server so even PAP is encrypted? > > > > PAP passwords are already encrypted when sent over the network via > > RADIUS. > > But not between the user and the NAS; which is over wireless in this case > and which was the original concern. > > /fc. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
