EAP Protocols Supported
• RSA RADIUS Server:
— Plain: PAP, EAP-GTC, EAP-SecurID, EAP-POTP
— PEAP Tunneled:
EAP-GTC, EAP-SecurID, EAP-POTP
No PAP
— TTLS Tunneled:
PAP, EAP-GTC, EAP-SecurID, EAP-POTP
• RRAS/IAS Service Plugin:
— Plain: EAP-SecurID, EAP-POTP
— PEAP Tunneled: EAP-SecurID, EAP-POTP
— No PAP, GTC, TTLS
EAP Access in RSA SecurID; Wireless, RSA RADIUS, Third party Clients
In V6.1 we add the Funk developed RADIUS server (SBR) as part of the package.
The EAP server component will use the same SecurID API as our EAP server.
Funk supports Microsoft PEAPv0 and Cisco PEAPv1, as well as their own tunnel technology called TTLS which only requires a server certificate and
a client secret.
RSA RADIUS Server also supports PAP/Token Card and EAP-GTC inner methods
EAP Access in RSA SecurID; 802.11 Wireless, MS IAS Server
EAP is the authentication protocol specified by 802.1x authentication
802.1x used for 802.11 wireless but also for authentication for wired connections too where the access point could be an Ethernet hub
Diagram shows Protected EAP (PEAP) establishes a tunnel from client to server
PEAP uses TLS/SSL technology to authenticate, and establish a security association for encryption
PEAP requires certificates be installed on the client and the server, but the testing of the server certificate is optional