What is peap wifi

PEAP and version 0 are selected. PEAP enters phase 1. This completes phase 1. This completes phase 2. The security provided by the TLS session established in phase 1 protects the PEAP peer authentication in phase 2 so that passwords or other dictionary-attackable tokens can be used confidentially. PEAP is typically deployed in an environment such as the one depicted in the following figure.

This secure session not only protects the key exchange, but even more importantly it protects the authentication session which left unprotected may compromise the user's password.

The PKI model achieves secure key exchange by using Digital Certificates which are simply digital documents that assert their owners identity. Digital Certificates by themselves are worthless unless they are signed by a trusted entity called a Certificate Authority CA. All modern operating systems contain a preinstalled list of trusted Root Certificates in their CTL, and this is what gives a company like VeriSign the authority to sign digital certificates for servers world wide.

Using a publicly trusted company like VeriSign makes PKI deployment very simple because it is already trusted by every computer or PDA device in the world off the factory floor, but the server certificate may cost hundreds of dollars per year. Private CAs allow you to sign your own digital certificates if you possessed the knowledge and the infrastructure to house your own private CA. This prevents anyone eavesdropping on the The true identity may be either in the form user realm or simply user.

The first question that must be answered is whether you require identity hiding. If not, then proceed with the following section. For users that do not require identity hiding, configure EAP. We will configure the EAP. The EAP. How to Enter the Protected-type Field.

For realms using TTLS, an additional form is available:. Each of these will be explained in detail below. An EAP-Type specification has the following format:.

EAP-Type type. An example of an EAP-Type specification is:. What steps should I use to secure my deployment? PEAP is a common authentication option for wireless networks, and is widely adopted by Microsoft-centric organizations due to native client support in Windows XP and Vista.

PEAP can be a strong authentication choice for wireless LAN environments, if organizations follow a few steps to ensure the integrity of the deployment. Use a trusted certificate for authentication. Validate the server certificate on all clients.