[How To] Freeradius 2.14 (PEAP – MSCHAP)

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Wed Mar 11 10:39:09 CET 2009


Hi,

> > For thoses, who are interested by setting up PEAP/MSHCAP under Freeradius
> > 2.14, I wrote a simple how-to.
> > I hope it could help someone. :)
> 
> Thanks for the how-to.
> 
> Sorry if this is such a basic question, but what are the advantages of
> using freeradius for this purpose (PEAP/MSCHAP) compared to using
> Microsoft's IAS/NPS?

apart from flexibility, capabilities and logging (you can use
FR for more than just PEAP and EAP-TLS, the server functionality
is extensible with new features added very frequently, live debugging
and tracing of packets, live low-level 'console' access) ?

I'd add in much much better attribute handling/filtering, much
more powerful and configurable proxying or both auth and accouting
packets. also add in better statistics, better RFC obeyance.

the only other product in the same sort of ball-park is RADIATOR

if, however, you have no need to have visibility, dont need to
proxy, have a system where PEAP (or EAP-TLS) is the only method
of authentication, have your users in AD (rather than in flat file,
SQL, unix, OTP, etc) and you want to spend money too - then IAS.

alan



More information about the Freeradius-Users mailing list