Hi, > Thanks for the answer. > > Wireshark tells me > > AVP: l=18 t=User-Password(2): Encrypted > > According to your list it should be PAP, but PAP does not encrypt the > passwords. Looking in the byte stream, I cannot find the configured > password. So I have doubts that it's really PAP.
huh? PAP is plain text authentication - sure. but RADIUS uses shared secrets between the NAS and the server - and the password is one of the entities that will get a little bit of help witht his. read a basic RADIUS book or the set of RFCs and it will tell you this. however, this is not strong encryption...and methods that use challenge response (eg MSCHAP) are recommended if you have worries about passwords whizzing across the network. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
