A Technical Comparison of TTLS and PEAP
Subject:   Two Different PEAPs
Date:   2003-04-05 02:32:26
From:   anonymous2
Response to: Two Different PEAPs

Yup.. sure am. I found that out when I was chosing which vendor to use for a 50 AP rollout...

It REALLY gave me the craps.

The reason is that PEAP is EAP within EAP and both Cisco and MS use different forms for the 2nd level EAP exchange. (MS uses MS-CHAP v2 and Cisco uses... ? not 100% sure)

You really have 2 choices at the moment (but there is a resolution in the wind that I'll get to in a second)

[1] Use the ACU on the clients and a CiscoSecure ACS server

[2] Use only windows 2000/XP clients and you can use MS IAS server

The resolution in the wind in the new version of the Cisco ACU which will support PEAP for MS IAS.


Graham Robinson

Full Threads Oldest First

Showing messages 1 through 2 of 2.

  • Two Different PEAPs
    2003-07-07 08:54:01  anonymous2 [View]

    Another option would be to use Funk's Odyssey Server, which supports both versions of PEAP
    • Two Different PEAPs
      2003-10-04 10:13:15  pppeterd [View]

      Its funny, there are really Three different versions of PEAP. Hopefully everyone will leave the v2 drafts mature and out of the equation at least until my head stops spinning :)

      I think you'll find most RADIUS servers that support PEAP support both (0 and 1) versions. Including Ciscos ACS server.