802.1X Authentication Overview
First things first. It’s 802.1X, not 802.1x or 802.11x. Now that we have that straight, let’s move on. 802.1X is an Institute of Electrical and Electronics Engineers (IEEE) standard for port based network access control. 802.1X provides a framework for authentication and authorization as well as dynamic encryption key management for over the air encryption. With 802.1X, all traffic with the exception of authentication...
EAP-PEAP – A Closer Look
In the 802.1x Authentication Overview blog we established that EAP is layer 2 protocol used within the 802.1X framework to validate users and devices. Further that EAP is very flexible in that there are many different flavors of EAP or EAP methods available. Some are proprietary such as Cisco LEAP while others are standards-based such as EAP-TLS. Some provide mutual authentication while others do not. Some require both server and...
EAP-PEAP – Certificate Requirements
EAP-PEAPv0 (EAP-MSCHAPv2) requires a server certificate be installed on the RADIUS server in order to establish a secure TLS tunnel. Client computer and user certificates are not required as EAP-MSCHAPv2 is password-based. If Mutual Authentication is configured, the server certificate must be trusted by the client. This will require the CA certificate be installed on the client. See Mutual Authentication below for further information....
Recent Comments