Cisco Cisco IP Phone 8841 Guide De Conception
Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide
34
Protected Extensible Authentication Protocol (PEAP)
Protected Extensible Authentication Protocol (PEAP) uses server-side public key certificates to authenticate clients by creating
an encrypted SSL/TLS tunnel between the client and the authentication server.
The ensuing exchange of authentication information is then encrypted and user credentials are safe from eavesdropping.
PEAP-GTC and PEAP-MSCHAPv2 are supported inner authentication protocols.
an encrypted SSL/TLS tunnel between the client and the authentication server.
The ensuing exchange of authentication information is then encrypted and user credentials are safe from eavesdropping.
PEAP-GTC and PEAP-MSCHAPv2 are supported inner authentication protocols.
PEAP requires that a user account be created on the authentication server.
The authentication server can be validated via importing a certificate into the Cisco Wireless IP Phone 8821 and 8821-EX.
The authentication server can be validated via importing a certificate into the Cisco Wireless IP Phone 8821 and 8821-EX.
For more information on Cisco Secure Access Control System (ACS) and Cisco Identity Services Engine (ISE), refer to the
following links.
http://www.cisco.com/c/en/us/products/security/secure-access-control-system/datasheet-listing.html
http://www.cisco.com/c/en/us/products/security/identity-services-engine/datasheet-listing.html
EAP and User Database Compatibility
The following chart displays the EAP and database configurations supported by the Cisco Wireless IP Phone 8821 and 8821-
EX.
EX.
Database Type
EAP-FAST
(Phase Zero)
EAP-TLS
PEAP-GTC
PEAP-MSCHAPv2
Cisco ACS
Yes
Yes
Yes
Yes
Windows SAM
Yes
No
Yes
Yes
Windows AD
Yes
Yes
Yes
Yes
LDAP
No
Yes
Yes
No
ODBC
(ACS for Windows Only)
Yes
Yes
Yes
Yes