Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

EAP-PEAP

I've read this passage on Cisco web site:

To use PEAP authentication, you must install the PEAP supplicant during ACU installation or Service Pack 1 for Windows XP. This Service Pack includes Microsoft's PEAP supplicant, which supports a Windows username and password only and does not interoperate with Cisco's PEAP supplicant. To use Cisco's PEAP supplicant, install ACU version 5.05 or greater after Service Pack 1 for Windows XP. Otherwise, it will be overwritten by Microsoft's PEAP supplicant.

Which are the differences between Microsoft and Cisco supplicant?

Thanks.

1 REPLY
Community Member

Re: EAP-PEAP

Hi,

Both supplicants support PEAP, but each supports different methods of client authentication through the TLS tunnel. The Microsoft PEAP supplicant supports client authentication by only MS-CHAP Version 2, which limits user databases to those that support MS-CHAP Version 2, such as Windows NT Domains and Active Directory. The Cisco PEAP supplicant supports client authentication by OTPs and logon passwords, enabling support for OTP databases from vendors (such as RSA Security and Secure Computing Corporation) and logon password databases (such as LDAP and Novell NDS) as well as Microsoft databases. In addition, the Cisco PEAP client includes the ability to hide user name identities until the TLS encrypted tunnel is established. This provides additional confidentiality that user names are not being broadcast during the authentication phase.

Visit the following page for more information.

http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a008010018c.shtml

343
Views
0
Helpful
1
Replies
CreatePlease to create content