LEAP and PEAP protocols

classic Classic list List threaded Threaded
4 messages Options
| Threaded
Open this post in threaded view
|

LEAP and PEAP protocols

Juan Daniel Moreno
Hi everybody again,

I would like to know if any of you has somme information about LEAP and PEAP protocols. Does any RFC about them exist? I find nothing in the net. Thanks you!!!

Juan

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: LEAP and PEAP protocols

Alan DeKok
Juan Daniel Moreno <[hidden email]> wrote:
> I would like to know if any of you has somme information about LEAP and PEAP
> protocols. Does any RFC about them exist? I find nothing in the net. Thanks
> you!!!

  doc/rfc/*

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: LEAP and PEAP protocols

David Mitton
In reply to this post by Juan Daniel Moreno
LEAP is a proprietary protocol of Cisco's.   They have never published a spec, but it has been reverse engineered. (use Google)
It is severely flawed.

PEAP is in an Internet Draft (v2), but what Microsoft has implemented (v0) and what Cisco supports(v1) are two different derivations of previous versions.
You will have to do some archival spelunking to get specs that may agree with the implementations.

Good luck!

Dave.

----- Original Message -----
From: "Alan DeKok" <[hidden email]>
To: "FreeRadius users mailing list" <[hidden email]>
Subject: Re: LEAP and PEAP protocols
Date: Fri, 12 Aug 2005 11:10:52 -0400

>
> Juan Daniel Moreno <[hidden email]> wrote:
> > I would like to know if any of you has somme information about LEAP and PEAP
> > protocols. Does any RFC about them exist? I find nothing in the net. Thanks
> > you!!!
>
>    doc/rfc/*
>
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: LEAP and PEAP protocols

Kris Benson
FreeRadius users mailing list <[hidden email]> on
August 12, 2005 at 09:04 -0800 wrote:
>LEAP is a proprietary protocol of Cisco's.   They have never published a
>spec, but it has been reverse engineered. (use Google)
>It is severely flawed.

What he said.
>
>PEAP is in an Internet Draft (v2), but what Microsoft has implemented
>(v0) and what Cisco supports(v1) are two different derivations of
>previous versions.
>You will have to do some archival spelunking to get specs that may agree
>with the implementations.

PEAP and LEAP are different beasts.

If you want the auth features of LEAP (e.g. simple username/password),
your best bet is to look at EAP-TTLS/PAP.  If you want the hashing
functions (whereby CHAP of some sort is used), PEAP will work, given the
right subtype.

-kb
--
Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html