[tac_plus] How does the TACACS+ server know which authentication mechanism (PAP, CHAP, etc) to use?

Sachin.6.Gupta SG00123446 at TechMahindra.com
Thu Jul 11 14:16:13 UTC 2013


Hi All,

Its a pretty basic question answer to which i am not able to figure out yet.

Hope some one could shed some light here.

TACACS+ Server gives option of User Authentication by following methods: 1. ASCII 2. PAP 3. CHAP 4. MSCHAP 5. ARAP

But how does the server know which one to use to authenticate?

Went through the RFC and it seems that the AUTH Packet has a Authen_type field which decides this.

Then i guess some configuration has to be done on the devices to enable either of these. But i failed to find any specific configuration commands to enable either of these.

Debugged on a setup, it seems i was always getting ASCII. But never got PAP,CHAP,etc.

Hope someone can provide some configuration commands for these.

TIA
Sachin
============================================================================================================================Disclaimer:  This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/tim/disclaimer.html">http://tim.techmahindra.com/tim/disclaimer.html</a> internally within Tech Mahindra.============================================================================================================================


More information about the tac_plus mailing list