[Tutorial] - Clearpass Authentication using EAP-TEAP (EAP-Chaining)
04-28-2020 05:09 PM - edited 04-28-2020 07:14 PM
Attached is a PDF on how to configure Clearpass authentication using EAP-TEAP, also known as EAP-Chaining.
Device: Windows 10 Insider Preview 2004 build 19613.
EAP-TEAP (RFC: 7170) Abstract:
This document defines the Tunnel Extensible Authentication Protocol (TEAP) version 1. TEAP is a tunnel-based EAP method that enables secure communication between a peer and a server by using the Transport Layer Security (TLS) protocol to establish a mutually authenticated tunnel. Within the tunnel, TLV objects are used to convey authentication-related data between the EAP peer and the EAP server.
EAP-TEAPv1 allows for the User and Machine to authenticate during the same session. This will make User + Machine authentication much more graceful.
Instead of relying on the Machine authentication cache in CPPM, you will get the authentication status on the first authentication attempt of both the User and Machine.