| Dialog box element | Description |
|---|---|
Extensible authentication protocol (EAP) |
Specifies whether the server uses EAP to authenticate remote access and demand-dial connections. |
Microsoft encrypted authentication version 2 (MS-CHAP v2) |
Specifies whether the server uses Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) version 2 to authenticate remote access and demand-dial connections. MS-CHAP v2 provides mutual authentication and stronger encryption and is required for encrypted Point-to-Point (PPP) or Point-to-Point Tunneling Protocol (PPTP) connections. |
Encrypted authentication (CHAP) |
Specifies whether the server uses the Message Digest 5 (MD-5) Challenge Handshake Authentication Protocol (CHAP) to authenticate remote access and demand-dial connections. |
Unencrypted password (PAP) |
Specifies whether the server uses the Password Authentication Protocol (PAP) to authenticate remote access and demand-dial connections. During a PAP authentication, passwords are sent in plaintext, or unencrypted, form. You should use this authentication protocol only if you must support PAP remote access clients. |
Allow remote systems to connect without authentication |
Specifies whether the server allows unauthenticated connections. Unauthenticated connections do not require a user name or password. |
 | Security Note |
We recommend that you do not use CHAP or PAP in your production RRAS deployments. They are included for backward compatibility only. |