- 4 Posts
- 0 Reply Likes
Posted 6 years ago
- 102 Posts
- 49 Reply Likes
It should work, for client authentication the ZD/AP is only a tunnel between the client and the radius server. The client and server will negotiate what to use, the AP and ZD should only forward traffic between the two.
The UG notice for PAP and now CHAP is only in reference to the ability to use the ZD to run a test against the radius server. The ZD's test of the radius server only uses PAP or CHAP.
The UG notice for PAP and now CHAP is only in reference to the ability to use the ZD to run a test against the radius server. The ZD's test of the radius server only uses PAP or CHAP.
- 1 Post
- 0 Reply Likes
- 102 Posts
- 49 Reply Likes
Are you talking about Test the AAA server or are you talking about an actual client authenticating?
If you are talking about a real client, there is not much you need to set on the ZD, just the IP address of the Radius server, the Shared Secret and the Auth port.
The rest, negotiation for security protocol to use is done between the Client and the radius server.
The ZD will just tunnel the authentication traffic between the client and Radius. If the client and Radius server are configured to use MSCHAPv2 it will work.
If you are talking about a real client, there is not much you need to set on the ZD, just the IP address of the Radius server, the Shared Secret and the Auth port.
The rest, negotiation for security protocol to use is done between the Client and the radius server.
The ZD will just tunnel the authentication traffic between the client and Radius. If the client and Radius server are configured to use MSCHAPv2 it will work.
Related Categories
-
ZoneDirector
- 2550 Conversations
- 732 Followers