Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
756
Views
0
Helpful
2
Replies

PEAP sending username in the clear

rsumpter
Level 1
Level 1

‎06-04-2004 09:44 AM - edited ‎07-04-2021 09:41 AM

It was my understanding the PEAP created an SSL tunnel for transmitting ALL of the user credentials. When I capture a PEAP authentication with my sniffer the user ID is passed in the clear. Is this normal or do I have something configured wrong?

Labels:
0 Helpful
2 Replies 2

scottmac
Level 10
Level 10

‎06-08-2004 03:32 PM

I believe what you are seeing is normal. According to some Cisco stuff I read (it's been a while), Open auth is preferred, because using shared / encrypted info may provide an attacker with useful information (predictable information exchange).

Once the intial auth is granted, eveything is encrypted with dynamic keys or tunneled and is secure.

FWIW

Scott

0 Helpful

ingservis
Level 1
Level 1

‎06-26-2004 02:29 PM

From being present on Cisco web site and designing a few wireless networks I have stumbled on this info somewhere in docs.... what you are seeing is a part of a secure channel process creation ...and you are seeing Microsoft side of it, cause issue with Win platform is that on channel creation it sends login/username in clear text douring EAP...secure channel creation process...

...I also remember that there is a reason for it, for interoperability with something, but can not remember specifics...

I think this answers your question... I believe it is normal..

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card