EAP and PEAP Authentication Protocols
Extensible Authentication Protocol (EAP) and Protected Extensible Authentication Protocol (PEAP) are designed to be used along with a certificate infrastructure that uses user certificates or smart cards.
With EAP, the VPN client sends its user certificate for authentication, and the VPN server sends a computer certificate for authentication. This is the strongest authentication method because it does not rely on passwords. Third-party CAs can be used as long as the certificate in the computer store of the NPS contains the server authentication certificate purpose (also known as a certificate usage or certificate issuance policy). A certificate purpose is identified using an object identifier (OID). If the ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
