ZyXEL P-330W User’s Guide
121 Appendix F Types of EAP Authentication
PEAP (Protected EAP)
Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection,
then use simple username and password methods through the secured connection to
authenticate the clients, thus hiding client identity. However, PEAP only supports EAP
methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card),
for client authentication. EAP-GTC is implemented only by Cisco.
Table 48 Comparison of EAP Authentication Types
EAP-MD5 EAP-TLS EAP-TTLS PEAP
Mutual Authentication No Yes Yes Yes
Certificate – Client No Yes Optional Optional
Certificate – Server No Yes Yes Yes
Dynamic Key Exchange No Yes Yes Yes
Credential Integrity None Strong Strong Strong
Deployment Difficulty Easy Hard Moderate Moderate
Client Identity Protection No No Yes Yes
