Extensible Authentication Protocol

Extensible Authentication Protocol (EAP) is an Internet Engineering Task Force (IETF) standard (RFC 3748) that provides an infrastructure for network access clients and authentication servers to host plug-in modules for current and future authentication methods. Microsoft Windows uses EAP to authenticate Point-to-Point Protocol (PPP)-based connections (such as dial-up, virtual private network remote access, and site-to-site connections) and for IEEE 802.1X-based network access to authenticating Ethernet switches and wireless access points (APs).

Featured Resources

	Extensible Authentication Protocol Overview Learn the basics of EAP and about its support in Windows.
	IEEE 802.11 Wireless LAN Security with Microsoft Windows XP Download only. Get details regarding EAP authentication processes for wireless clients.

Introductory Overviews

Configure Wired Clients to Use EAP-TLS
Procedure to configure a wired access connection profile by using smart cards or user and computer digital certificates in Windows Server 2008.
EAPHost in Windows
Learn about the new EAPHost architecture in Windows Server 2008 and Windows Vista.
The Advantages of Protected Extensible Authentication Protocol (PEAP)
Get the background on the efforts of the IEEE and the IETF to address protected wireless access and a comparison of PEAP with other standards-based and proprietary wireless authentication schemes.

Resources for Using EAP in Network Access Scenarios

Step-by-Step Guide for Setting Up Secure Wireless Access in a Test Lab
Download only. Learn how to configure wireless access with security using IEEE 802.1X authentication with EAP methods in a test lab using a wireless access point and four computers.
Deploying Windows XP Service Pack 2 using Software Update Services
A best-practice approach to implementing a managed rollout of Windows XP SP2.
Deployment of IEEE 802.1X for Wired Networks Using Microsoft Windows
Download only. Discover how to deploy secure wired access in Windows Server 2003 and Windows XP with IEEE 802.1X authentication and EAP methods using authenticating switches, client computers running Windows, and an authentication infrastructure.
Virtual Private Networking with Windows Server 2003: Deploying Remote Access VPNs
Deploy VPN-based remote access connections with EAP.
Virtual Private Networking with Windows Server 2003: Deploying Site-to-Site VPNs
Deploy VPN-based site-to-site connections with EAP.

Developer Resources

EAP API
Use the EAP API in the Windows Platform SDK to develop and install your EAP type for computers running Windows XP, Windows Server 2003, or Windows 2000.
EAPHost API
Use the EAPHost API in the Windows Platform SDK to develop EAP types and supplicants for Windows Server 2008 and Windows Vista.
What is EAP Certification Program (ECP)?
This blog entry by the EAP team explains ECP, and helps you determine whether and how to participate in it. ECP enables Microsoft Logo certification and Windows Update distribution of vendor-manufactured EAPHost components.
EAP Certification Program (ECP) Testing Overview
This overview outlines the process for testing with the ECP for proper functionality with the Windows operating system. These procedures use the Microsoft Windows Logo Kit (WLK) and Driver Test Manager (DTM).
EAP Certification Program (ECP) Partners
This blog entry by the EAP team lists the ECP partners and provides links to and their respective EAPHOST-based Peer methods.

Top of page