Collaborate Disseminate
I’m wondering how key negotiation works for WPA2 Enterprise where a clear text protocol like EAP is used to authenticate the user. All the info I was able to find suggests that EAP is an inherently insecure authentication met… Continue reading How are encryption keys derived between NAS and Supplicant for 802.1x when using EAP as authentication method?
I have a Supplicant running on 1 Linux box attached with a Free radius server on other linux box with cisco catalyst switch (with 802.1x Port based access) in between. Now I have been able to successfully complete the authent… Continue reading How DHCP client can determine that 802.1x Port based authentication has been completed and its time to trigger DHCP discover
I’m currently in process of testing EAP-TLS before deploying it in production. My test setup consists of:
Supplicants: Android 6, Debian Buster with WICD-GTK.
Authenticator: Mikrotik RouterOS 6.43 (actually it is passing t… Continue reading WPA2-Enterprise / EAP-TLS user identity
I was looking at a sample PCAP from 1 of configured CISCO catalyst switch configured for EAP-TLS authentication. In few snippets there were 2 EAP request and EAP response followed by EAP failure transmitted from Authenticatio… Continue reading In which Scenarios an Authentication can itself trigger EAP Failure message
If a client(supplicant) configure to perform EAP-TLS authentication connects with a switch which doesn’t requires authentication.
How can supplicant determine that authentication is not required and go ahead without authent… Continue reading How WPA supplicant can determine whether switch supports authentication or not?
I am trying to setup a Supplicant- authenticator and AAA server to perform EAPOL mechanism.
I am able to successfully completed the EAP authentication procedure but 4-way handshake was not initiated by Authenticator. I have… Continue reading How does Authenticator gets the PMK which is used to calculate PTK?
Does EAP exist as an authentication protocol itself, or will it only be found implemented as one of its methods (EAP-TLS, EAP-TTLS, etc)?
If EAP is only a framework, what additional detail do its methods provide that allows … Continue reading Does EAP exist as an independent authentication protocol, or just as a framework?
Which of the two following has a stronger cryptographic strength in withstanding brute-force attacks?
WPA/WPA2 Enterprise using 2048-bit RSA public-key
WPA/WPA2 Personal using 63-character Passphrase
My office LAN does not have a Windows Active Directory.
The Wifi use WPA with a pre-shared key, which means that everyone in the world knows what the key is.
I was thinking of implementing a RADIUS server and switching to t… Continue reading How to prevent users sharing WPA RADIUS keys?
I have doubt about how to implement hotspot for my startup. Idea is to have implemented WPA2-Enterprise with remote radius server and splash page. This implementation came after the reason of ease of remembering password on c… Continue reading Hotspot SSL issues, MtTM like exceptions