On a Cisco ASA, which of the following RADIUS authentication protocols are not supported? (Select 2 choices.)

Last Updated on August 4, 2021 by Admin 3

On a Cisco ASA, which of the following RADIUS authentication protocols are not supported? (Select 2 choices.)

  • CHAP
  • EAPMD5
  • PAP
  • PEAP
  • MSCHAPv1F. MSCHAPv2
Explanation:
Neither Extensible Authentication Protocol (EAP)Message Digest 5 (MD5) nor Protected EAP (PEAP) are supported by the Remote Authentication DialIn User Service (RADIUS) server on a Cisco Adaptive Security Appliance (ASA). RADIUS is an Authentication, Authorization, and Accounting (AAA) server that uses User Datagram Protocol (UDP) for packet delivery.
RADIUS and Terminal Access Controller Access Control System Plus (TACACS+) server groups on a
Cisco ASA support Challenge Handshake Authentication Protocol (CHAP), Microsoft CHAP version 1 (MSCHAPv1), and Password Authentication Protocol (PAP). A Cisco ASA supports a number of different AAA server types, such as RADIUS, TACACS+, Lightweight Directory Access Protocol (LDAP), Kerberos, and RSA Security Dynamics, Inc. (SDI) servers.
When authenticating with a TACACS+ server, a Cisco ASA can use the following authentication protocols:
– ASCII
– PAP
– CHAP
– MSCHAPv1
When authenticating with a RADIUS server, a Cisco ASA can use the following authentication protocols:
– PAP
– CHAP
– MSCHAPv1
– MSCHAP version 2 (MSCHAPv2)
– Authentication Proxy Mode (for example, RADIUS to RSA/SDI, RADIUS to Active Directory, and others)

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments