Re: [m0n0wall] 2 quick questions about PPTP

From:	joshmccormack at travelersdiary dot com
To:	M0N0Wall firewall <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] 2 quick questions about PPTP
Date:	Mon, 26 Jan 2004 08:21:33 -0600 (CST)

On Mon, 26 Jan 2004, Manuel Kasper wrote:

<snip> 
> MD5 CHAP and MS CHAP v1 and v2. I think I'll turn off MSCHAPv1 in future 
> releases though, because it is also considered insecure. PAP is 
> plaintext and as such it's always off.
> 
> - Manuel

Are there plans for implementing 802.1x authentication? According to
http://www.computerworld.com/mobiletopics/mobile/story/0,10801,79995,00.html 

"The tunneled methods of EAP-TTLS and EAP-PEAP actually provide mutual authentication to other
methods that utilize the familiar user ID/password methods, i.e. EAP-MD5, EAP-MSCHAP V2, in order to
authenticate the client to the server. This method of authentication occurs through a secure TLS
encryption tunnel that borrows techniques from the time-tested secure Web connections (HTTPS) used
in online credit card transactions. In the case of EAP-TTLS, legacy authentication methods can be
employed through the tunnel, such as PAP, CHAP, MS CHAP and MS CHAP V2."

Josh