EAP-TLS patch for pppd


About EAP-TLS

The Extensible Authentication Protocol (EAP; RFC 3748) is a security protocol that can be used with PPP. It provides a means to plug in multiple optional authentication methods.

Transport Layer Security (TLS; RFC 2246) provides for mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints.

EAP-TLS (RFC 2716) encapsulates the TLS messages in EAP packets, allowing TLS mutual authentication to be used as a generic EAP mechanism.
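
The encapsulation described above, as an added example that is not code from the patch: a bounds-checked parser for one EAP-TLS Request or Response packet in the RFC 2716 layout. The struct, the function name and the sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EAP_TYPE_TLS  13    /* EAP method type for EAP-TLS */
#define EAPTLS_FLAG_L 0x80  /* TLS Message Length field present */
#define EAPTLS_FLAG_M 0x40  /* more fragments follow */
#define EAPTLS_FLAG_S 0x20  /* EAP-TLS Start */

struct eaptls_frag {        /* hypothetical type, not from the patch */
    uint8_t code, id, flags;
    uint32_t tls_total;     /* meaningful only when the L flag is set */
    const uint8_t *data;    /* TLS bytes carried by this fragment */
    size_t data_len;
};
/* Constructed samples: Start request, first fragment, lying Length field. */
static const uint8_t SAMPLE_START[] = {1, 1, 0, 6, 13, 0x20};
static const uint8_t SAMPLE_FRAG[]  = {2, 2, 0, 15, 13, 0xC0, 0, 0, 4, 0,
                                       0x16, 0x03, 0x01, 0x03, 0xFB};
static const uint8_t SAMPLE_BAD[]   = {2, 3, 0, 32, 13, 0x00, 0x16, 0x03};

/* Returns 0 on success, -1 if the packet is malformed or not EAP-TLS. */
int eaptls_parse(const uint8_t *p, size_t n, struct eaptls_frag *out)
{
    size_t len, off;
    if (n < 6 || (p[0] != 1 && p[0] != 2))   /* Request or Response only */
        return -1;
    len = ((size_t)p[2] << 8) | p[3];        /* EAP Length, big-endian */
    off = (p[5] & EAPTLS_FLAG_L) ? 10 : 6;   /* L adds a 4-byte total length */
    if (p[4] != EAP_TYPE_TLS || len < off || len > n)
        return -1;          /* Length must cover the header and fit in n */
    out->code = p[0]; out->id = p[1]; out->flags = p[5];
    out->tls_total = 0;
    if (off == 10)
        out->tls_total = (uint32_t)p[6] << 24 | (uint32_t)p[7] << 16 |
                         (uint32_t)p[8] << 8 | p[9];
    out->data = p + off;
    out->data_len = len - off;
    if (off == 10 && out->data_len > out->tls_total)
        return -1;          /* fragment larger than the announced total */
    return 0;
}

int main(void)
{
    struct eaptls_frag f;
    if (eaptls_parse(SAMPLE_FRAG, sizeof SAMPLE_FRAG, &f) != 0) return 1;
    printf("flags=0x%02x total=%u frag=%zu\n", f.flags, (unsigned)f.tls_total, f.data_len);
    return 0;
}
```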

Why it was written

This patch was written to use pppd in a VPN with IPSec/L2TP and to allow Windows users to authenticate using smartcards with certificates.

Features

  • Allow EAP-TLS authentication in pppd
  • Both client and server mode supported
  • CRL handling
  • CRL automatic updating

Notes

This software was developed in SPE laboratories with help from Paolo Prandini.
For anything you may want to know or say about it, contact the author or SPE.

Beniamino Galvani - bengal(at)interfree.it


S. P. E.® Sistemi e Progetti Elettronici s.a.s. di P. Prandini & C.
 Via Liguria, 5 • 25125 BRESCIA • Italy
tel. +39 0302427266 • fax +39 02700406565 • email info@spe.it