Non-2FA Pass-through
This scenario occurs if the user is not configured for SMS-based OTP, Mobile Application OTP or Hard Token, and the RADIUS client configuration option to allow Active Directory passwords without OTPs is selected.
In this configuration, the user logs in with their Active Directory password.
Supported authentication protocols: PAP, MSCHAPv2.
About upgrading For Microsoft Routing & Remote Access Server (RRAS) PPTP VPNs, encryption of the VPN connection is not performed when the PAP authentication protocol is used, and is therefore not recommended. Most other VPN providers encrypt the connection regardless of the authentication protocol in use. |