What are the different authentication methods used in VPNs?The authentication method uses an authentication protocol. The methods are:
a. EAP authentication method: Extensible authentication protocol authenticates remote access connection. The authentication mechanism is decided between the remote VPN client and authenticator (ISA). The mechanism is typical in which authenticator requests for authentication information and the responses are given by the remote VPN client.
b. MS Chap Authentication method: Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) starts with the authenticator (Remote access server) challenge. The challenge to the remote access client sends a session identifier and challenge string. The client in response sends the nonreversible encryption of the string, the identifier and password. Authenticator checks the credentials and grants access on a successful authentication.
c. Unencrypted passwords (PAP): Uses plain text passwords. Does not involve encryption. Used for less secure clients.
d. Shiva Password Authentication Protocol (SPAP): It is a password authentication protocol. It is less secure as the same user password is always sent in the same reversibly encrypted form