EAP was lately introduced as the newest PPP authentication protocol with MS CHAP V2 based features. During the authentication phase EAP is not in the picture! That's the biggest difference between EAP and other methods. EAP does not perform any sort of authentication, it in-fact only negotiates the actual EAP type and the user authentication is done by the Domain controller which hold the user database or a RADIUS (Remote Dial-in User Service) which works are an agent to get user credentials verified against a Domain Controller.
Until MS-CHAP V2, this authentication was happening only at the NAS server with the user database but with EAP, it's against a central user database holder or a Domain Controller only.
EAP is a new PPP authentication protocol that allows for an arbitrary authentication method. Once the user is connected over PPP, NAS server immediately collects the user credentials and sends them over to a RADIUS or Domain Controller for verification.
Posted by: Wasim Javed
No comments:
Post a Comment