Export (0) Print
Expand All

1.4 Relationship to Other Protocols

The Extensible Authentication Protocol Method for Microsoft CHAP is an EAP method that encapsulates MSCHAPv2 messages to provide password-based authentications in the EAP framework.

The Extensible Authentication Protocol Method for Microsoft CHAP, like EAP, can run over any EAP transport that is specified in [RFC3748]. For more information, refer to the Point-to-Point Protocol (PPP) [RFC1661], PEAP [MS-PEAP], or RADIUS [RFC2865].

The Extensible Authentication Protocol Method for Microsoft CHAP should not be confused with another protocol, specified in [IANA-EAP], that has the EAP method type of 0x1D (decimal 29) and the same type description as the Extensible Authentication Protocol Method for Microsoft CHAP. The protocol with that type is unused.

The diagram in section 2.1 illustrates the relationship between EAP [RFC3748], the Extensible Authentication Protocol Method for Microsoft CHAP, and MSCHAPv2 [RFC2759].

The protocol has a configuration setting called fUseWinLogonCreds, as specified in section 3.1.1. The EAP peer that initializes this protocol is responsible for configuring this setting as well. The peer itself might be configured through the group policy. For example, the Group Policy: Wireless/Wired Protocol Extension [MS-GPWL] specifies the group policy protocol to configure and deploy wireless local area network (WLAN). This configuration also carries the EAP method configuration as a part of it. The peer can use this configuration to initialize the MS-CHAP method.

 
Show:
© 2014 Microsoft