it seems that m0n0wall authenticates with a radius server using PAP.. which
transmits the passwords on clear over the network. and with a good sniffers
it's possible to retrieve those passwords.. I have done the test myself..
I have no knowledge how to set up https.. I don't own a valid certificate
and i don't know how get one.
thank you very much.