topic Radius Authentication and NPS in General Topics https://live.paloaltonetworks.com/t5/general-topics/radius-authentication-and-nps/m-p/575326#M115585 <P>Hello everyone,</P> <P>I'm having trouble configuring palo alto with a Radius NPS server. Basically we do not want to use chap protocols to avoid enabling reversible password. So we wanted to use EAP-TLS but it does not seem compatible with Palo Alto. Then after some research we noticed that palo alto recommended to enable PAP protocol here&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGMCA0" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGMCA0</A></P> <P>&nbsp;</P> <P>However i don't get it. Would not that mean that the password will be in clear in the network ? What would the best practice be to map palo alto to a radius server ?</P> <P>&nbsp;</P> <P>Thank yu</P> Thu, 01 Feb 2024 14:18:16 GMT zakergfx 2024-02-01T14:18:16Z Radius Authentication and NPS https://live.paloaltonetworks.com/t5/general-topics/radius-authentication-and-nps/m-p/575326#M115585 <P>Hello everyone,</P> <P>I'm having trouble configuring palo alto with a Radius NPS server. Basically we do not want to use chap protocols to avoid enabling reversible password. So we wanted to use EAP-TLS but it does not seem compatible with Palo Alto. Then after some research we noticed that palo alto recommended to enable PAP protocol here&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGMCA0" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGMCA0</A></P> <P>&nbsp;</P> <P>However i don't get it. Would not that mean that the password will be in clear in the network ? What would the best practice be to map palo alto to a radius server ?</P> <P>&nbsp;</P> <P>Thank yu</P> Thu, 01 Feb 2024 14:18:16 GMT https://live.paloaltonetworks.com/t5/general-topics/radius-authentication-and-nps/m-p/575326#M115585 zakergfx 2024-02-01T14:18:16Z Re: Radius Authentication and NPS https://live.paloaltonetworks.com/t5/general-topics/radius-authentication-and-nps/m-p/576109#M115652 <P>Hello,</P> <P>Looks like that is a pretty old article. I think we set this up a while ago using a secure protocol. I would give it a try and use what the newer NPS server supports.</P> <P>Regards,</P> Mon, 05 Feb 2024 21:10:11 GMT https://live.paloaltonetworks.com/t5/general-topics/radius-authentication-and-nps/m-p/576109#M115652 OtakarKlier 2024-02-05T21:10:11Z