Difference between revisions of "RADIUS Authentication testing"

Latest revision as of 14:15, 9 August 2023

Testing the RADIUS authentication depends on the operating system of a device and a android device needs to set phase 2 authentication.

User Authentication in Local Database

Operating system	EAP	CA Certificate	phase 2 authentication
Android	TTLS or PEAP	Select "Do not validate"	TTLS-GTC, TTLS-PAP, TTLS-MSCHAPV2, PEAP-GTC, or PEAP-MSCHAPV2^[1]
IOS	-	Trust the "BaseinWPA Server Certificate"	-
Windows 8, 10	-	-	-

External Database / LDAP

You can't use some phase 2 authentication methods because the user-password must be decrypted into the plaintext to authenticate the user credentials from a remove database or a LDAP server,

Operating system	EAP	CA Certificate	phase 2 authentication
Android	TTLS or PEAP	Select "Do not validate"	TTLS-GTC, TTLS-PAP, or PEAP-GTC
IOS	-	Trust the "BaseinWPA Server Certificate"	-
Windows 10^[2]	-	-	-

The hyphen(-) means "don't care."

↑ If you select the MSCHAPV2, you must add a user-password as clear-text or Windows NT hashed.
↑ The older Microsoft Windows than version 10 does not support TTLS-GTC, TTLS-PAP, or PEAP-GTC

[1] If you select the MSCHAPV2, you must add a user-password as clear-text or Windows NT hashed.

[2] The older Microsoft Windows than version 10 does not support TTLS-GTC, TTLS-PAP, or PEAP-GTC

[1]

[2]

@@ Line 1: / Line 1: @@
-RADIUS 인증 시험은 운영 체제에 따라 다음과 같이 EAP 및 2단계 인증을 선택 하면됩니다.
+Testing the RADIUS authentication depends on the operating system of a device and a android device needs to set phase 2 authentication.
-==== 로컬 사용자 인증 ====
+==== User Authentication in Local Database ====
 {| class="wikitable"
-! 운영 체제 !! EAP !! CA 인증서 !! 2단계 인증
+! Operating system !! EAP !! CA Certificate !! phase 2 authentication
 |-
-| Android || TTLS 또는 PEAP || 사용 안함 || TTLS-GTC, TTLS-PAP, TTLS-MSCHAPV2<br>PEAP-GTC, PEAP-MSCHAPV2<ref>
+| Android || TTLS or PEAP || Select "Do not validate" || TTLS-GTC, TTLS-PAP, TTLS-MSCHAPV2,<br>PEAP-GTC, or PEAP-MSCHAPV2<ref>
-단, 사용자 비밀번호가 clear-text 또는 Windows NT hashed가 아닌 경우 MSCHAPV2로는 인증 처리 할 수 없습니다.</ref>
+If you select the MSCHAPV2, you must add a user-password as clear-text or Windows NT hashed.</ref>
 |-
-| IOS || - || BaseinWPA Server Certificate 신뢰 선택 || -
+| IOS || - || Trust the "BaseinWPA Server Certificate" || -
 |-
-| Windows 10 || - || - || -
+| Windows 8, 10 || - || - || -
 |}
-==== 외부 데이터베이스 / LDAP 인증 ====
+==== External Database / LDAP  ====
-Android 환경에서 시험 시 외부 데이터베이스나 LDAP 인증시에는 클라이언트로 부터 수신된 비밀번호가 복호화(Decryption)되어야 하므로 2단계 인증은 GTC 또는 PAP만 사용 가능합니다.
+You can't use some phase 2 authentication methods because the user-password must be decrypted into the plaintext to authenticate the user credentials from a remove database or a LDAP server,
 {| class="wikitable"
-! 운영 체제 !! EAP !! CA 인증서 !! 2단계 인증
+! Operating system !! EAP !! CA Certificate !! phase 2 authentication
 |-
-| Android || TTLS 또는 PEAP || 사용 안함 || TTLS-GTC, TTLS-PAP<br>PEAP-GTC
+| Android || TTLS or PEAP || Select "Do not validate" || TTLS-GTC, TTLS-PAP, or PEAP-GTC
 |-
-| IOS || - || BaseinWPA Server Certificate 신뢰 선택 || -
+| IOS || - || Trust the "BaseinWPA Server Certificate" || -
 |-
-| Windows 10 || - || - || -
+| Windows 10<ref>The older Microsoft Windows than version 10 does not support TTLS-GTC, TTLS-PAP, or PEAP-GTC</ref> || - || - || -
 |}
+The hyphen(-) means "don't care."