Protected Extensible Authentication Protocol (Peap); Eap And User Database Compatibility - Cisco 8821 Manual

Protected Extensible Authentication Protocol (PEAP)

Protected Extensible Authentication Protocol (PEAP) uses server-side public key certificates to authenticate clients by creating
an encrypted SSL/TLS tunnel between the client and the authentication server.
The ensuing exchange of authentication information is then encrypted and user credentials are safe from eavesdropping.
PEAP-GTC and PEAP-MSCHAPv2 are supported inner authentication protocols.
PEAP requires that a user account be created on the authentication server.
The authentication server can be validated via importing a certificate into the Cisco Wireless IP Phone 8821 and 8821-EX.
For more information on Cisco Secure Access Control System (ACS) and Cisco Identity Services Engine (ISE), refer to the
following links.
http://www.cisco.com/c/en/us/products/security/secure-access-control-system/datasheet-listing.html
http://www.cisco.com/c/en/us/products/security/identity-services-engine/datasheet-listing.html

EAP and User Database Compatibility

The following chart displays the EAP and database configurations supported by the Cisco Wireless IP Phone 8821 and 8821-
EX.
Database Type
Cisco ACS
Windows SAM
Windows AD
LDAP
ODBC
(ACS for Windows Only)
Cisco Wireless IP Phone 8821 and 8821-EX Wireless LAN Deployment Guide
EAP-FAST
EAP-TLS
(Phase Zero)
Yes Yes
Yes No
Yes Yes
No Yes
Yes Yes
PEAP-GTC PEAP-MSCHAPv2
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
34