Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
728
Views
0
Helpful
2
Replies

PEAP weakness ???

g.rodegari
Level 1
Level 1

‎01-04-2005 01:26 AM - edited ‎07-04-2021 10:18 AM

Hello,

I'm using PEAP to authenticate my Microsoft WiFi clients.

If I well understood, with PEAP I've a TLS session between my clients and CiscoSecure, for secure, private, user authentication.

After the successful authentication, however, the communication between AcessPoint and WiFi Clients

use WEP protocol for confidentiality... then, if someone sniff this, could intercept and decrypt the communication....

I mean: with PEAP the authentication is mostly secure and verified but someone could anyway intercept my post-authentication data... the embedded insecurity of WEP still remains.

Is it correct?

The workaround could be use WPA intested of WEP?

But... I think that with Windows XP, WPA is not still supported... I'm right?

Thank you,

G.

Labels:
0 Helpful
2 Replies 2

raphaelrobertson
Level 1
Level 1

‎01-04-2005 09:08 AM

WPA is supported in XP, SP2 has it included, SP1 needs a rollup package installed.

WEP is used with PEAP, TKIP is used with WPA.

0 Helpful

g.rodegari
Level 1
Level 1
In response to raphaelrobertson

‎01-04-2005 10:28 AM

Thank you,

I' just trying PEAP with TKIP, I think that PEAP also works well with WPA.

My AP configuration is this:

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption vlan 1 mode ciphers tkip

!

ssid spalmen

vlan 1

authentication open eap eap_methods

authentication network-eap eap_methods

authentication key-management wpa

guest-mode

!

On XP Client side:

- encryption: WPA with TKIP

- authentication: PEAP with Certificate

Thanks,

G.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card