On Sun, Dec 4, 2011 at 5:49 PM, Piotr <[email protected]> wrote: > I changed type of authentication,on cisco asa, to PAP: > > ASA(config)# sh run all | begin tunnel-group l2tp-ipsec ppp-attributes > tunnel-group l2tp-ipsec ppp-attributes > authentication pap > no authentication chap > no authentication ms-chap-v1 > no authentication ms-chap-v2 > no authentication eap-proxy > > but i don't know why i stil get on FR: > > rad_recv: Access-Request packet from host 10.62.1.1 port 1025, id=85, > length=136 > User-Name = "tom3" > CHAP-Password = 0x01ccbbe398364421101d8b50e4cb59a46e
This is what the NAS send > FR try to authenticate via CHAP. I don't understand this, i'm little > confused FR doesn't try to invent something non existent. It simply process what the NAS sends. Ask your NAS vendor why it's still using CHAP. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
