Forum

EAP-TTLS & CWSP Study Guide

1 posts by 1 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: April 9, 2010:

By Vertigo April 9, 2010

Reply

TTLS isn't more secure than PEAP. It depends on "How You configure wlan suplicants". For example, If You select "Disconnect if server doesn't present cryptobinding TLV" in Win7 wireless connnection Protected EAP properties, Your PEAP connection is more secure thant eqally configured EAP-TTLS conncection with MS-CHAPv2 authentication, because in such case PEAP cryptographically bind inner and outer tunnels and prevent against MiTM attacks. EAP-TTLS advantage is legacy and esoteric authentication methods support: MD5, PAP, CHAP, MS-CHAP, MS-CHAPV2, GTC, SIM, SPEKE, TLS etc. For example:

#EAP-TTLS/TLS

network={

ssid="cuckoo"

scan_ssid=1

key_mgmt=WPA-EAP

eap=TTLS

proto=WPA2

pairwise=CCMP

group=TKIP

anonymous_identity="anonymous"

ca_cert="/mnt/sda1/OpenVPN/ca.crt"

phase2="autheap=TLS"

identity="client"

ca_cert2="/mnt/sda1/OpenVPN/ca.crt"

client_cert2="/mnt/sda1/OpenVPN/client.crt"

private_key2="/mnt/sda1/OpenVPN/client.key"

priority=1

}

Page 1 of 1

1

Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.
-Darren

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.
-Ben

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.
-Glenn