nse7_led-70 Exam QuestionsBrowse all questions from this exam
Go to Exam

nse7_led-70 Exam - Question 28

Refer to the exhibit.

Examine the RADIUS server configuration shown in the exhibit.

An administrator has configured a RADIUS server on FortiGate that points to FortiAuthenticator. FortiAuthenticator is acting as an authentication proxy and is configured to relay all authentication requests to a remote Windows AD server using LDAP.

While testing the configuration, the administrator noticed that the diagnose test authserver command worked with PAP; however, authentication requests failed when using MSCHAP2.

Which two solutions can the administrator implement to get MSCHAP2 authentication to work? (Choose two.)

Show Answer
Correct Answer: ABC

To resolve the issue where MSCHAP2 authentication fails, the administrator needs to enable Windows Active Directory Domain Authentication on FortiAuthenticator to add it to the Windows domain. This allows FortiAuthenticator to properly handle MSCHAP2 requests. Additionally, changing the back-end authentication server from LDAP to RADIUS on FortiAuthenticator is necessary because RADIUS natively supports MSCHAP2, whereas LDAP does not. These adjustments should enable successful MSCHAP2 authentication.

Discussion

2 comments
Sign in to comment
aandreou020Options: AC
Feb 16, 2024

Correct A C

kinge2Options: AC
Feb 25, 2024

A is correct - page 48 study guide, C correct page 47 of study guide