Using Password Authentication Protocol (PAP) for MAC Authentication

The Password Authentication Protocol (PAP) provides a simple method for the peer to establish its identity. PAP is considered a weak authentication method as the password details of the client are sent over to the authentication server using a one-way hash function, which is prone to repeated trail attacks. Password of the client is appended with the authentication servers secret password and a hash output is generated. This data is sent over a RADIUS packet to the authentication server.

Limitations

  • PAP support for 802.1x clients is not available.

  • PAP as default method for MAC Authentication is not supported.

  • PAP as a backup method to CHAP is not supported.

Supported features

  • Provides authorized and cached reauthentication support.

  • Provides server group support for PAP-RADIUS.