- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-13-2011 11:50 AM
I have looked through the RADIUS configuration guide located at https://live.paloaltonetworks.com/docs/DOC-1701, and I was wondering about the requirement to enable unencrypted PAP authentication. We are subject to PCI Data Security Standards compliance, and one of the requirements is that passwords never be transmitted in clear text across a network. Is there a way to use our Active Directory for authenticating admin access to the Palo Alto, without using unencrypted authentication?
04-13-2011 03:45 PM
Though the PAP authentication is not encrypted, the RADIUS protocol automatically encrypts passwords when communicating over the network. Since the PAP authentication happens within the context of RADIUS you should be fine.
Cheers,
Kelly
04-13-2011 03:45 PM
Though the PAP authentication is not encrypted, the RADIUS protocol automatically encrypts passwords when communicating over the network. Since the PAP authentication happens within the context of RADIUS you should be fine.
Cheers,
Kelly
04-14-2011 06:57 AM
Excellent. Thanks for the clarification.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!