[EMAIL PROTECTED] wrote: > Hi, > >> Hi, >> >> I've seen that Windows XP does not support EAP-TTLS out of the box. I >> know there is at least one package (from SecureW2) that adds this to >> windows. >> >> Could somebody suggest me which other packages do the same? Or should I >> use the one from SecureW2? >> > > open1x.sf.net, Funk Odyssey, Cisco Supplicant (was Aegis Meetinghouse) > > >> We intend to implement 802.1x Campus wide (or at least analyze it's >> viability), but due to our policies we don't want open passwords in our >> database, so PEAP (which uses MS-CHAP, as far as I did understand), is >> not a viable option, despite being the only option native to WinXP. >> > > errm, PEAP uses MSCHAPv2 which never passes the password - its a > challenge response method - and the password, depending on which > resource you use, doesnt need to be cleartext either. The other > option native to WinXP for 802.1X is EAP-TLS > > alan > Ok, then I got something wrong. Is there any link where I could get more details about ms-chapv2 inside PEAP, more exactly concerning this details about password? As far as I knew, ms-chapv2 would always require cleartext passwords in the database.
Tks, Roberto -- ----------------------------------------------------- Marcos Roberto Greiner Os otimistas acham que estamos no melhor dos mundos Os pessimistas tem medo de que isto seja verdade Murphy ----------------------------------------------------- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html