24 Apr
2014
24 Apr
'14
4:13 a.m.
Hi,
PEAP comes in two flavours for WPA (since you're using a wireless access point based on the debug): PEAPv0 (from Windows XP onwards) and PEAPv1. PEAPv0 (which Microsoft only refers to as PEAP) only works with EAP-SIM or EAP-MSCHAPv2. PEAPv1 (supported by Cisco) adds EAP-GTC as an inner mechanism, so chances are that yes, the supplicant will always select EAP-MSCHAPv2 if it only supports PEAPv0.
there is also PEAP-EAP-TLS - like EAP-TLS but the EAP-TLS is inside the protected tunnel. 'tis true.
My aim is to only allow MSCHAPV2, however, I also get a good reply from the Server if I select
edit eap.conf and your radius virtual servers to remove support for anything you dont want to support. alan