Home » Cisco » 210-260 v.2 » Which RADIUS server authentication protocols are supported on Cisco ASA firewalls?
Which RADIUS server authentication protocols are supported on Cisco ASA firewalls? (Choose three.)
A. EAP
B. ASCII
C. PAP
D. PEAP
E. MS-CHAPv1
F. MS-CHAPv2
Correct Answer: CEF
Explanation/Reference:
Explanation:
The ASA supports the following authentication methods with RADIUS servers:
PAP—For all connection types.
CHAP and MS-CHAPv1—For L2TP-over-IPsec connections.
MS-CHAPv2—For L2TP-over-IPsec connections, and for regular IPsec remote access connections when the password management feature is enabled. You can also use MS-CHAPv2 with clientless connections.
Authentication Proxy modes—For RADIUS-to Active-Directory, RADIUS-to-RSA/SDI, RADIUS- to-Token server, and RSA/SDI-to-RADIUS connections, Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/aaa_radius.html#pgfId-1211697
Be careful, there is a difference between Radius and TACACS
RADIUS is PAP, CHAPv1 and CHAPv2
TACACS is ASCII,PAP,CHAPv1