Windows 2003 IAS and Cisco VPN Client

Discussion in 'Cisco' started by Tom, Dec 24, 2004.

  1. Tom

    Tom Guest

    Hi everyone!

    I have a question for the group and any response would be
    appreciated...

    I setup Windows 2003 IAS and Cisco VPN Client using PIX 515 and all
    works great based on the document Cisco provided. However, I have a
    security question:

    The document states that Cisco VPN client will only support PAP or SPAP
    without any encryption (tested it, it's true...). What does that mean
    for security? Are the username and password being passed unencrypted?
    The tunnel is already created using the vpngroup so I'm not very
    sure... I could not find any good answers from Cisco or Microsoft and
    was wondering if anyone found this answer...

    Thank you all!

    Tom
     
    Tom, Dec 24, 2004
    #1
    1. Advertisements

  2. Tom

    Scott Lowe Guest

    If I am not mistaken, the IPSec negotation and establish of an SA occur
    before the username and password are passed from the client to the
    server. Between the client and the PIX, then, the authentication
    information is protected by the IPSec tunnel. Between the PIX and the
    IAS server, however, the traffic is not protected--typically this is
    not a concern since this should be a trusted network anyway.

    HTH.
     
    Scott Lowe, Dec 26, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.