On 02/28/2012 09:58 PM, Alan Buxey wrote:

> PEAPv0 is the standard method that everyone uses that was created by 
> RSA/Microsoft/Cisco
> (I think Intel had some say as well...but can't recall)
> 
> it's the usual one in almost all clients when you choose 'PEAP'
> 
> Cisco went ahead to 'fix' things and, using GTC as the inner method, helped
> push for the adoption of PEAPv1 (probably because of the LEAP issues....)
> 
> the 2 are different beasts and almost everyone will only ever need
> PEAPv0 - PEAPv1 is a very rare beast..rarer than PEAPv2 ;-)
> 
> if you really want to know the differences the RFCs are free to read...
> some people spend their evenings reading such things...I personally
> don't find them that thrilling ;-)

Good summary about the different versions. I think part of the problem
is there is no PEAP RFC. There are a number of internet-drafts, but none
made it to RFC. For example:

http://tools.ietf.org/html/draft-kamath-pppext-peapv0-00

and these 10 drafts that go up to version 2:

http://tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap


Microsoft seems to maintain PEAP these days:
http://msdn.microsoft.com/en-us/library/cc238354%28v=prot.13%29.aspx

This PEAP document is frequently updated and has text about version
negotiation but uses 0 for its own version.

In summary: there are multiple documents with different versions, but
version 0 seems to work the best among all implementations. Especially
Macs do not like version 1.

Heikki


-- 
Heikki Vatiainen <h...@open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
