I have been happily running pppoe authentication across my 2.4ghz wireless network for about a year now without any problems and wanted to know how secure it actually is?
I am using mschap1 and 2 and have a free radius server running as an access concentrator.
I do not use mac tables as users enjoy the freedom to log on and off using a variety of different devices.
So can some one please tell me how tough this setup is and what can be done to make it stronger.
Thanks.
well if your not running wep/wpa or any wireless based encryption anyone can come along and sniff the content your users are sending/receiving over the pppoe session. get tcpdump running on a wifi card with monitor mode and just set the channel don’t need to associate to the ap. have fun 
might also be possible to get the login/password while a session is authenticating if there is no wireless based encryption to begin with.
Chap is encrypted so sniffing user names and passwords I was told would still be tough. Under the pppoe profile I also have use encryption on, don’t really no what it does though?
Got the same question.
CHAP is just for authenticating the user (session). Once that’s done… there is no indication as to turning on encryption includes data encryption for the pipe or not.
I wish the Mikrotik Gurus answered.
MPPE is the encryption protocol used for PPPoE with encyrption enabled.
For more information on MPPE refer to the following documents, or do a google search.
http://www.kfu.com/~nsayer/freebsd/802-11.html
http://en.wikipedia.org/wiki/Microsoft_Point-to-Point_Encryption
http://tools.ietf.org/html/rfc3078