(새 문서: RADIUS 인증 시험) |
|||
| (8 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | RADIUS | + | Testing the RADIUS authentication depends on the operating system of a device and a android device needs to set phase 2 authentication. |
| + | |||
| + | ==== User Authentication in Local Database ==== | ||
| + | {| class="wikitable" | ||
| + | ! Operating system !! EAP !! CA Certificate !! phase 2 authentication | ||
| + | |- | ||
| + | | Android || TTLS or PEAP || Select "Do not validate" || TTLS-GTC, TTLS-PAP, TTLS-MSCHAPV2,<br>PEAP-GTC, or PEAP-MSCHAPV2<ref> | ||
| + | If you select the MSCHAPV2, you must add a user-password as clear-text or Windows NT hashed.</ref> | ||
| + | |- | ||
| + | | IOS || - || Trust the "BaseinWPA Server Certificate" || - | ||
| + | |- | ||
| + | | Windows 8, 10 || - || - || - | ||
| + | |} | ||
| + | |||
| + | |||
| + | ==== External Database / LDAP ==== | ||
| + | You can't use some phase 2 authentication methods because the user-password must be decrypted into the plaintext to authenticate the user credentials from a remove database or a LDAP server, | ||
| + | |||
| + | {| class="wikitable" | ||
| + | ! Operating system !! EAP !! CA Certificate !! phase 2 authentication | ||
| + | |- | ||
| + | | Android || TTLS or PEAP || Select "Do not validate" || TTLS-GTC, TTLS-PAP, or PEAP-GTC | ||
| + | |- | ||
| + | | IOS || - || Trust the "BaseinWPA Server Certificate" || - | ||
| + | |- | ||
| + | | Windows 10<ref>The older Microsoft Windows than version 10 does not support TTLS-GTC, TTLS-PAP, or PEAP-GTC</ref> || - || - || - | ||
| + | |} | ||
| + | |||
| + | The hyphen(-) means "don't care." | ||
Latest revision as of 14:15, 9 August 2023
Testing the RADIUS authentication depends on the operating system of a device and a android device needs to set phase 2 authentication.
User Authentication in Local Database
| Operating system | EAP | CA Certificate | phase 2 authentication |
|---|---|---|---|
| Android | TTLS or PEAP | Select "Do not validate" | TTLS-GTC, TTLS-PAP, TTLS-MSCHAPV2, PEAP-GTC, or PEAP-MSCHAPV2[1] |
| IOS | - | Trust the "BaseinWPA Server Certificate" | - |
| Windows 8, 10 | - | - | - |
External Database / LDAP
You can't use some phase 2 authentication methods because the user-password must be decrypted into the plaintext to authenticate the user credentials from a remove database or a LDAP server,
| Operating system | EAP | CA Certificate | phase 2 authentication |
|---|---|---|---|
| Android | TTLS or PEAP | Select "Do not validate" | TTLS-GTC, TTLS-PAP, or PEAP-GTC |
| IOS | - | Trust the "BaseinWPA Server Certificate" | - |
| Windows 10[2] | - | - | - |
The hyphen(-) means "don't care."