Showing results for 
Search instead for 
Did you mean: 


New Contributor II
Hi all, we're just getting in to standardizing on Ruckus as our wireless infrastructure and have run into a question regarding the use of PEAP and MSCHAPv2. Currently we have a corporate WLAN configured to use 802.1x EAP authentication with WPA2 encryption and specifying a RAIDUS authentication server. For that AAA server configuration in the ZD we've got the RADIUS server defined with CHAP auth method. We typically used PEAP/MSCHAPv2 (as we have configured in NPS on the RADIUS server's network policy) but you cannot connect to that WLAN unless the NPS network policy is configured to allow CHAP. Suffice to say that it would appear that CHAP is being used vice MSCHAPv2. Can anyone clarify the if MSCHAPv2 is usable and how we might go about it? It almost seems as though the ZD deployment is using a CHAP to forward the connection on to the RADIUS server which then perhaps uses PEAP and MSCHAPv2 between the client and server? Sounds a bit off base but as I mentioned, we are just getting used to Ruckus and dig it so far.


New Contributor II
I should also confirm, PEAP / MSCHAPv2 aren't actually configured anywhere on the ZD right? We don't seem to have them available as configurable option in our ZD interface.


New Contributor III
That is correct. You only configure the Radius server then at that point the client talks directly to the Radius server. The ZoneDirector just acts as a relay.