ZyWALL Series Internet Security Gateway
EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side
authentications to establish a secure connection. Client authentication is then done by sending username and
password through the secure connection, thus client identity is protected. For client authentication, EAP-
TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-
CHAP v2.
Mutual
Authentication
Certificate – Client
Certificate – Server
Dynamic Key
Exchange
Credential Security
Deployment
Difficulty
Wireless Security
Client Identity
Protection
J-2
EAP-MD5
EAP-TLS
No
No
No
No
None
Strong
Easy
Poor
No
EAP-TTLS
Yes
Yes
Yes
Optional
Yes
Yes
Yes
Yes
Strong
Hard
Moderate
Best
Good
No
Yes
Types of EAP Authentication