Hi, > > For thoses, who are interested by setting up PEAP/MSHCAP under Freeradius > > 2.14, I wrote a simple how-to. > > I hope it could help someone. :) > > Thanks for the how-to. > > Sorry if this is such a basic question, but what are the advantages of > using freeradius for this purpose (PEAP/MSCHAP) compared to using > Microsoft's IAS/NPS?
apart from flexibility, capabilities and logging (you can use FR for more than just PEAP and EAP-TLS, the server functionality is extensible with new features added very frequently, live debugging and tracing of packets, live low-level 'console' access) ? I'd add in much much better attribute handling/filtering, much more powerful and configurable proxying or both auth and accouting packets. also add in better statistics, better RFC obeyance. the only other product in the same sort of ball-park is RADIATOR if, however, you have no need to have visibility, dont need to proxy, have a system where PEAP (or EAP-TLS) is the only method of authentication, have your users in AD (rather than in flat file, SQL, unix, OTP, etc) and you want to spend money too - then IAS. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
