|
The original release of the VPN-Q 2006
client only supported MS-CHAPv2 authentication even if other authentication
types were selected in ISA Server or RRAS. This behaviour was by design. Many
2-factor / multi-factor authentication systems use RADIUS as a method of
authenticating the token credentials and require PAP authentication to allow for
the separation of the PIN and password.
To make VPN-Q 2006 more compatible
with multi-factor authentication solutions an update has been made available
that enables the VPN-Q 2006 client to support the following authentication types
for the VPN connections:
- PAP
- CHAP
- MS-CHAP
- MS-CHAPv2
The updated client will be able to
authenticate using any of the above authentication types negotiated with ISA
Server or RRAS. If multiple authentication types are enabled on the VPN server
then the most secure option is used as per Microsoft default behaviour.
Winfrasoft recommends using the original default setting of MS-CHAPv2 when
only username and password are used for authenticating VPN connections.
To obtain this update:
This update was first in included in Service Pack 1 and is no longer
available separately for download.
|