Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

pl help: EAP-TTLS configuration

hi,

if any one had implemented EAP-TTLS as secuirty between clients and wireless devices, then pl help me in configring. And what are the security devices required

Regards

Srihari

7 REPLIES
Bronze

Re: pl help: EAP-TTLS configuration

The following document will help you in configuring EAP-TLS on your environment.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a008009256b.shtml

New Member

Re: pl help: EAP-TTLS configuration

I did this but deos not work,

Does any one have further documents,

Thanks

Re: pl help: EAP-TTLS configuration

Do you want to configure EAP-TLS or EAP-TTLS?

Both are different.

If EAP-TLS, then what is the radius server, and have you configured client certificates on clients?

What is the error logs do you get on Authentication server?

That will give you right direction.

Regards,

Prem

New Member

Re: pl help: EAP-TTLS configuration

Thanks for giving a response,

I want to configure EAP-TTLS, and i have radius server as Cisco ACS. If you have any procedural document for configuring EAP-TTLS, could you please share.

Regards

Srihari

Re: pl help: EAP-TTLS configuration

That?s what I suspected.

Unfortunately Cisco ACS doesnot support EAP-TTLS

These are the protocol supported,

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs41/user/overvw.htm#wp849719

-EAP-MD5

-EAP-TLS

-LEAP

-PEAP

-EAP-FAST

Also check,

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs41/user/overvw.htm#wp857274

http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol

What I can suggest you is go for protocol similar to EAP-TTLS i.e. PEAP

PEAP Configuration:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml

Regards,

Prem

New Member

Re: pl help: EAP-TTLS configuration

Dear Prem,

We had allready implemented PEAP but we have a new requirement that we have to install EAP-TTLS.

what is hte next alternative for this solution and EAP -TTLS is more secured then EAP-TLS (PEAP).

Regards

srihari

Re: pl help: EAP-TTLS configuration

Hi Srihari,

This will give you a good idea,

MS PEAP vs. EAP-TTLS:

http://seclists.org/basics/2005/Feb/0032.html

http://www.cwnp.com/phpBB2/viewtopic.php?p=900&

EAP-TLS vs. EAP-TTLS:

http://www1.ietf.org/mail-archive/web/ietf/current/msg39667.html

EAp-TLS is what I'll go for, but its takes more planning, and more components.

Regards,

Prem

404
Views
13
Helpful
7
Replies
CreatePlease to create content