Extensible Authentication Protocol
(EAP) Support for RADIUS | All new RADIUS server profiles
use PEAP-MSCHAPv2 as the default Authentication Protocol ,
and the Make Outer Identity Anonymous option
is enabled by default. The Auto option for
the Authentication Protocol has been deprecated. With
this deprecation, after you upgrade a firewall that was previously
configured to use Auto , the firewall will use
CHAP or PAP based on the protocol that was in use before the upgrade;
a firewall that was not configured to use RADIUS authentication
before upgrade will default to CHAP. After you upgrade, Panorama
templates use CHAP as the default authentication protocol. When
you downgrade a firewall that was configured to use PEAP-MSCHAPv2,
PEAP with GTC, or EAP-TTLS with PAP, the firewall will default to
CHAP. |