An administrator needs to secure RADIUS traffic between two servers. Which of the following is
the BEST solution?
A.
Require IPSec with AH between the servers
B.
Require the message-authenticator attribute for each message
C.
Use MSCHAPv2 with MPPE instead of PAP
D.
Require a long and complex shared secret for the servers
So when do you use IPSec between Radius Servers?
I’m confused, because AH doesn’t provide encryption, and it only provides authentication and integrity.
I think the answer is C.
http://techgenix.com/understanding-configuring-network-policy-access-services-server-2012-part3/