As the title says I'm trying to have an ASA (8.2.3) auth against an ACS 5.3 using TACACS+. It only works if I have PAP enabled on the ACS. Obviously this concerns me. I've found the following reference in the configuration guides:
TACACS+ Server Support
The ASA supports TACACS+ authentication with ASCII, PAP, CHAP, and MS-CHAPv1.
I can't figure out how to make the ASA use MS-CHAPv1 though. Seems like it should be pretty simple.
Incidentally I was having the same problem with VPN auth's using RADIUS but I was able to fix that by enabling the password management option which is only available in CHAPv2. Seems that option isn't available under TACACS+.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...