Forum

  • TTLS isn't more secure than PEAP. It depends on "How You configure wlan suplicants". For example, If You select  "Disconnect if server doesn't present cryptobinding TLV" in Win7 wireless connnection Protected EAP properties, Your PEAP connection is more secure thant eqally configured EAP-TTLS conncection with MS-CHAPv2 authentication, because in such case PEAP cryptographically bind inner and outer tunnels and prevent against MiTM attacks. EAP-TTLS advantage is legacy and esoteric authentication methods support: MD5, PAP, CHAP, MS-CHAP, MS-CHAPV2, GTC, SIM, SPEKE, TLS etc. For example:

    #EAP-TTLS/TLS

    network={

    ssid="cuckoo"

    scan_ssid=1

    key_mgmt=WPA-EAP

    eap=TTLS

    proto=WPA2

    pairwise=CCMP

    group=TKIP

    anonymous_identity="anonymous"

    ca_cert="/mnt/sda1/OpenVPN/ca.crt"

    phase2="autheap=TLS"

    identity="client"

    ca_cert2="/mnt/sda1/OpenVPN/ca.crt"

    client_cert2="/mnt/sda1/OpenVPN/client.crt"

    private_key2="/mnt/sda1/OpenVPN/client.key"

    priority=1

    }

     

Page 1 of 1
  • 1