Summary
The following are some of the key points we touched upon in this chapter:
- EAP is a framework with extensibility as a core feature. This allows new EAP methods to be introduced without any changes to the authenticator.
- EAP allows us to proxy requests through third-party RADIUS servers without exposing a person's username and password when we use EAP-TTLS or PEAP.
- Tunneled EAP methods have two identities, which can be compared with one another.
- The use and distribution of a dedicated self-signed CA is recommended for maximum security. Educate the users to install and specify the use of the self-signed CA in the supplicant configuration.
- The value of the
User-NameAVP returned in anAccess-Acceptwill be used by the authenticator when sending ...
Get FreeRADIUS Beginner's Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
