Can you please explain the difference between "PEAP" and "EAP-TTLS" ?It seems both use TLS tunnel to protect wireless communication. And both require a certificate on the 802.1x server but not for the client.
-
PEAP Versus EAP-TTLS
-
@razmik-artonian-0 said in PEAP Versus EAP-TTLS:
Can you please explain the difference between "PEAP" and "EAP-TTLS" ?It seems both use TLS tunnel to protect wireless communication. And both require a certificate on the 802.1x server but not for the client.
-
With EAP-TTLS, server authentication to the client via certificate (optionally, client to server is possible). Once done, the TLS handshake creates the secured tunnel that authentication methods use. So it doesn't do the authentication it provides the security for authentication to take place.
-
With PEAP, the same thing happens where the TLS tunnel is established for authentication too. (I restate these facts for others who may be reading this...so pardon my rehash).
The difference comes down to what TTLS and PEAP "wraps".
- PEAP is a wrapper around EAP carrying the EAP for authentication
- TTLS is a wrapper around
TLVs (Type Length Values)which are RADIUS attributes.
-
