>
> > I've read in the docu that CHAP will not work when using
> > encrypted passwords (which is what I have in LDAP)
>
> That's correct, you'll have to un-encrypt the passwords
> in LDAP or use PAP. If you require encrypted passwords in
> LDAP, you should disable CHAP on the Cisco.
>
The really big security risk with CHAP is that you need to store all passwords in your
DB in cleartext. Nice trophy for an intruder...
/Ingvar
===
Archive at http://www.starport.net/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
