Contacts
home

What kind of program is Cisco leap? EAP authentication of wireless users with a RADIUS server. Defining the Authentication Server

Recently, active Internet users are increasingly faced with the appearance of unknown programs on their PCs: no one intentionally installed such software, but the programs somehow ended up on their work computer. A striking example of such software is the Cisco EAP-FAST Module, Cisco LEAP Module or Cisco PEAP Module program. At the same time, most users do not understand what kind of program this is? and is it needed - what if deletion will lead to other applications not working?

What is Cisco eap fast module?

If you have previously connected to a network domain or, then the appearance of the cisco eap fast module program among the working software is not surprising: this program is an authentication service using secure tunneling (eap-fast) - a type of eap from Cisco.

This service allows authentication through the global network according to the IEEE 802.1X standard. eap-fast also provides protection against various network attacks.

What is this program and is it needed?

If you have never used Cisco products before or connected to a network domain, then you can safely delete it. Initially, this program was intended for Cisco wireless infrastructure.

Typically, Cisco eap-fast is relevant for users or organizations that cannot meet security requirements regarding password policies, do not want to use digital certificates in their work, or do not support various types of databases. In such cases, eap-fast will protect against a variety of network attacks, including man-in-the-middle attacks, authentication spoofing, AirSnort attacks, packet spoofing (based on the victim's responses), and dictionary brute force.

If an organization uses (such as WPA or WPA2, which includes the 802.1x standard for authentication purposes), and is unable to enforce password policies and does not want to use certificates, then it can easily implement eap-fast to strengthen overall security.

What is this program and can it be removed?

Sometimes, when reinstalling drivers for a wireless network adapter, the installation of Cisco eap-fast is also enabled, but the process does not proceed beyond this - the installer freezes, and the wireless network remains inaccessible. Possible reasons for this “behavior” lie in the incorrect definition of the network card itself or the model name.

To prevent and eliminate such problems, it is advisable to periodically scan the system for viruses using antivirus programs such as Dr.web CureIt.

After all, when you reinstalled the system, you could receive already infected drivers and installers. At the same time, standard antiviruses, such as Kaspersky, can simply skip infected files by adding them to exceptions - and, accordingly, give them almost complete access to the system.

If the drivers were installed using an installer, you must first uninstall this program through the Control Panel in “Programs and Features” (for Windows 7 and higher) or “Add/Remove Programs” (for Windows XP) and again.

If all else fails, you should try Everest program(aka AIDA) to determine the correct device identifier, which can be used to find the correct drivers. This can also be done through the standard Device Manager by going to the device properties and selecting Information, but this will be easier and more convenient to do with the Everest program.

How to uninstall a program

To completely remove Cisco eap-fast module, use the Add/Remove Programs Wizard from the Control Panel. The step by step guide for removal is as follows:

  • - open the start menu and go to the Control Panel;
  • - select Add/Remove Programs for Windows XP or Programs and Features for versions of Windows Vista, 7 and 10;
  • - find the Cisco eap-fast module program and click on it. For Windows XP, click the Change/Remove tab or simply click the Remove button;
  • - Follow the removal instructions until the process is successfully completed.

Today we will look at:

When working on a computer running Windows, the user must always monitor what is happening on his computer. This operating system is considered the most popular in the world, so countless programs, viruses and tools have been developed for it to penetrate software onto your computer. In particular, today we will consider the situation when you noticed the Cisco LEAP Module program in the list of installed programs or processes on your computer.

If you saw unfamiliar software on your computer, then it could get onto your computer in three ways: you installed it yourself, but don’t remember it, another PC user did it for you, or during the installation process the program was not unchecked in time. for installing additional software.

Naturally, having noticed the Cisco LEAP Module program on your computer, two questions arise: what kind of program is it, and also whether it is a virus.

A little about Cisco

Cisco is a fairly well-known American company that develops and sells network equipment. In our country, users rarely know about this company, but abroad, almost any American company or home has a Cisco router and other network equipment and software.

What is the Cisco LEAP Module program?

Actually, the Cisco LEAP Module program is only part of a software package that is aimed at setting up authentication protocols in Cisco Wi-Fi networks.

If we talk specifically about Cisco LEAP Module, the program stands for Lightweight Extensible Authentication Protocol and is a module of a lightweight extensible authentication protocol.

Is this program necessary?

No, unless you are a user of Cisco network equipment.

What is the best way to remove a program from your computer?

This tool must be uninstalled from the computer along with other Cisco programs. You can carry out this operation in the standard way through the “Control Panel” menu, but it will be better if you use the Revo Uninstaller program for uninstallation, which is aimed at completely removing programs from the computer.

Removing Cisco LEAP Module via Control Panel


Uninstalling Cisco LEAP Module Using Revo Uninstaller

We recommend uninstalling programs using Revo Uninsaller for the simple reason that, in addition to standard uninstallation, the program will additionally scan the system for remaining files, folders and registry entries. This tool will allow you to remove programs from your computer as efficiently as possible, eliminating the possible occurrence of conflicts and increasing system performance.

  • If necessary, download Revo Uninstaller from this link and then install your computer. Launch the program. As soon as the list of installed software is displayed on the screen, find the Cisco LEAP Module program, right-click on it and select “Uninstall”. Complete the uninstallation procedure following the system instructions. At the scanning stage, we recommend selecting the “Full” option, since this is the only way the program can most thoroughly scan the system.

  • Check the list for availability and . They will need to be removed using the same principle.
  • Restart your computer for the system to finally accept the changes.

That's all on the topic.

Nowadays, quite a lot of users on forums ask the following question: “Cisco EAP-FAST module, what is it?”

The fact is that people discover this program on their computer and realize that they did not install it.

Of course, the program takes up some part of the memory and takes up some resources.

Therefore, users are thinking about relieving their OS a little by .

But, let’s say right away, this procedure cannot be performed in all cases. But first things first.

It is worth saying right away that all the information described below must be read consecutively and in its entirety.

If some points are still unclear (although we tried to explain everything as clearly as possible), re-read the text passage again.

You can also leave your comments under the article, we will be happy to answer them.

What does Cisco EAP-FAST module stand for?

EAP-FAST stands for Flexible Authentication via Secure Tunneling. If you translate this into Russian, you get the following: flexible authentication through a secure tunnel.

This phrase can be translated more humanly into authentication using secure tunneling.

For now, let's say that there are two more programs similar to the Cisco EAP-FAST module. They contain the words “LEAP” and “PEAP” instead of the word “LEAP”.

That is, the programs are called Cisco LEAP module and Cisco PEAP module. You can easily find all these three programs on your computer.

And the situation with all three will be almost the same - you didn’t install anything, but it appeared on somewhere.

Rice. 1. 3 Cisco related programs

What else is this?

LEAP stands for Lightweight Extensible Authentication Protocol, that is, a lightweight extensible authentication protocol.

And PEAP stands for Protected Extensible Authentication Protocol, which translates as a secure extensible protocol for the same authentication.

In short, these are authentication protocols that are used in Cisco equipment.

Cisco Authentication Protocols

All three programs discussed above allow you to authenticate on the global network. Its second important function is protection against network attacks.

Actually, that's all that Cisco EAP-FAST, LEAP and PEAP module do. The only thing that differs is their authentication methods.

And now about everything in more detail.

Let's look at all the concepts one by one.

About authentication

Authentication is a process that involves verifying the user using a digital signature or checksum of the sent file.

Everything is simple here - the user is verified not only by entering a login and password, but also by signing or a file.

If the signature that the user sent when trying to use the network matches the one that was sent to him, then the verification was successful.

To put it even more simply, many of us are authenticated when we log into our .

To log into WebMoney Keeper Standard, you must enter your login, password, number from the picture and computer data.

Actually, entering just one login and password, which do not change, is authorization.

But the additional input of a number of data from a computer is something more, that is.

If you check the box "Remember me on this computer", then the system will read data from the computer every time you log in.

If you have already logged in, it will now happen automatically. This is authentication.

Rice. 2. Login to WebMoney

Authentication can also occur using biometric data, for example, or the retina of the eye.

Rice. 3. Retina Authentication

In the case of Cisco networks, authentication is needed to ensure that no random people can use them.

About tunneling

In general, tunneling is a process that involves building tunnels. But, since we are talking about computer networks, in this case this term will have a different meaning.

Tunneling is a process that involves combining (in science, particularly in mathematics, this process is called encapsulation) of different protocols.

As a result, this results in information being transferred between some two points.

To put it simply, let’s say we have a certain set of protocols. Let us clarify that protocols are sets of rules and actions.

In the case of, they help transmit information from one point to another.

So, from this set of protocols, those functions are selected that help in the best way (as quickly as possible and without data loss) to transmit this very information.

This process, by the way, is called encapsulation.

Rice. 4. Example of tunneling in computer networks

Let's touch on secure tunneling

But secure tunneling means that the exchange of data required for login occurs over secure channels.

We will not go into detail and explain how all this happens.

Now let's combine these concepts.

As we said above, EAP-FAST is authentication using secure tunneling.

If we put all of the above together, it turns out that we are dealing with the fact that protocols are combined to transmit information that relates to authentication.

For example, if authentication occurs using an electronic key, then this same key is transmitted over secure channels.

Rice. 5. An example of authentication using a smart card with an electronic key.

By the way, LEAP means that authentication also occurs through data transmission over secure channels.

But in this case, as mentioned above, we are dealing with a lightweight protocol, so the channels here are less secure.

But in the case of PEAP, data is transmitted over more secure channels than usual. Actually, that's all. See how simple it is?

Now let's get back to the program

Actually, the Cisco EAP-FAST module program is needed in order to provide secure authentication.

In most cases, it is used to ensure the operation of networks. This is a unique and proprietary development of Cisco.

The same applies to the other two programs we talked about above. They can be installed automatically or by Cisco specialists.

In any case, even if you have connected to this company once in your life, do not be surprised that the program in question appears on your computer.

Is it possible to remove the Cisco EAP-FAST module?

We are back to where we started. Of course, you can remove the Cisco EAP-FAST module, but only if you no longer use the equipment of this company.

If you are still using any Cisco equipment, in particular, then you should not remove the program under any circumstances. This risks the equipment simply stopping working.

And installing the program can be quite problematic.

By the way, we have interesting material on our website that we recommend for you to read: MTU in a router - what is it? We increase Internet speed.

By the way, many users complain about all sorts of problems related to the Cisco EAP-FAST module. In particular, for some people this program does not uninstall or freezes.

Rice. 6. Installing Cisco EAP-FAST module (removal looks almost the same)

Solving problems related to Cisco EAP-FAST module

As for removal, this process can only be carried out as follows:

  1. First you need to go to "Control Panel", through the Start menu.
  2. Then you should find the item there "Uninstall a program"(in Windows 10 it is called "Programs and Features").

Rice. 7. “Uninstall a program” in the “Control Panel”

  1. Next, find the Cisco EAP-FAST module there and click on this line twice. The program uninstall window will appear.

If the program freezes when uninstalling, here's what you need to do:

  1. Update the network card driver. The easiest way to do this is to use the program. It will automatically detect which ones are not up to date or are “broken” and offer to update them.
  2. Scan your computer for viruses. If you have a weak antivirus and your computer resources do not allow you to install something more significant, use special ones.
  3. Find Cisco support in your country. On the official website you can find all the necessary contacts.

Now you know what Cisco EAP-FAST module is and you can determine whether it is worth removing this program from your computer.

Below you can see an example of setting up equipment with this authentication method.

Configuring 802.1X with Cisco ISE and EAP-FAST

Configuring Cisco Identity Services Engine (ISE) for 802.1X using EAP-FAST as authentication method

This article provides an example configuration for EAP (Extensible Authentication Protocol) authentication of wireless users against a local RADIUS server database on an access point running Cisco IOS®.

Due to the passive role that the access point plays in EAP (it converts wireless client packets into wired packets and forwards them to the authentication server, and vice versa), this configuration is used with almost all EAP methods. These methods include (but are not limited to) LEAP, Protected EAP (PEAP)-MS Mutual Authentication Protocol (CHAP) version 2, PEAP Generic Token Card (GTC), EAP Flexible Authentication over Secure Tunnel (FAST), EAP Security Protocol transport layer (TLS) and EAP-Tunneled TLS (TTLS). You must configure the authentication server appropriately for each EAP method. This article contains only information on setting up an access point.

Requirements

When setting up, you may need the following knowledge:

  • Understanding the Cisco IOS GUI or CLI.
  • Understanding the concept of EAP authentication.

Components used

  • Cisco Aironet access point running Cisco IOS.
  • Virtual LAN (VLAN), let's assume that there is only one of it in the network.
  • RADIUS authentication server that successfully integrates into the user database.
    • Cisco LEAP and EAP-FAST support the following authentication servers:
      • Cisco Secure Access Control Server (ACS)
      • Cisco Access Recorder (CAR)
      • Funk Steel Belted RADIUS
      • Interlink Merit
    • Microsoft PEAP-MS-CHAP version 2 and PEAP-GTC support the following authentication servers:
      • Microsoft Internet Authentication Service (IAS)
      • Cisco Secure ACS
      • Funk Steel Belted RADIUS
      • Interlink Merit
      • Authorization can be performed by any other Microsoft authentication servers.
    Note: GTC or one-time password entry requires the connection of additional services, which in turn require additional software on the client side and server side, as well as a hardware or software token generator.
    • It is necessary to consult with the manufacturer of the equipment installed at the client to clarify under what conditions authentication servers using the EAP-TLS, EAP-TTLS and other EAP methods are supported by their products.

The information presented in this document was obtained on testing equipment under specially designed laboratory conditions. Only data obtained from devices with default configuration was used in writing this document. In a production network, you need to understand the consequences of executing all commands.

Settings

This configuration involves setting up EAP authentication on an access point running IOS.

Like most password-based authentication algorithms, Cisco LEAP is sensitive to dictionary attacks. This is not a new type of attack or a new Cisco LEAP vulnerability. To mitigate dictionary attacks, it is necessary to develop a strong password policy. This includes using strong passwords and changing them periodically.

Network EAP or Open Authentication with EAP

With any authentication method based on EAP/802.1x, you may wonder what the differences are between network EAP and open authentication with EAP. This applies to the values ​​in the Authentication Algorithm field in the management and binding packet headers. Most wireless client device manufacturers set this field to 0 (open authentication) and then indicate whether they want to perform EAP authentication later during the association process. In Cisco products, this value is set differently, namely from the beginning of the association with the EAP network protocol flag.

If the network has clients that are:

  • Cisco customers - must use network EAP.
  • Third party clients (including CCX compliant products) must use open authentication with EAP.
  • A combination of Cisco and third-party client devices—you must select both network EAP and open authentication with EAP.

Defining the Authentication Server

The first step in configuring EAP is to identify and communicate with the authentication server.

1. On the Server Manager access point tab (menu item Security > Server Manager), you must perform the following steps:

  1. Enter the IP address of the authentication server in the Server field.
  2. Specify the shared secret key and ports.
  3. Click Apply in order to create a definition and populate the drop-down lists.
  4. Set the server IP address in the Default Server Priorities > EAP Authentication type > Priority 1 field.
  5. Click Apply.


AP# configure terminal

AP(config)# aaa group server radius rad_eap

AP(config-sg-radius)# server 10.0.0.3 auth-port 1645 acct-port 1646

AP(config-sg-radius)# exit

AP(config)# aaa new-model

AP(config)# aaa authentication login eap_methods group rad_eap

AP(config)# radius-server host 10.0.0.3 auth-port 1645
acct-port 1646 key labap1200ip102

AP(config)# end

AP# write memory

2. The access point must be configured on the authentication server as an AAA client.

For example, on a Cisco Secure Access Control Server, this is configured on the Network Configuration page, which defines the access point name, IP address, shared secret password, and authentication method (RADIUS Cisco Aironet or RADIUS Cisco IOS/PIX). For information on authentication servers that are not classified as access control servers, refer to their manufacturer's documentation.

You must ensure that the authentication server is configured to use the desired EAP authentication method. For example, for a Cisco Secure Access Control Server that uses LEAP, you must configure LEAP authentication on the System Configuration - Global Authentication Setup page. Click System Configuration, then press Global Authentication Setup. For information on non-access control authentication servers or other EAP methods, consult the manufacturer's documentation.

The following figure shows how Cisco Secure ACS is configured to use PEAP, EAP-FAST, EAP-TLS, LEAP, and EAP-MD5.

Defining client authentication methods

Once the access point determines where to send the client authentication request, it must be configured to use the following methods.

Note: These instructions are for WEP-based installations.

1. On the Encryption Manager access point tab (menu item Security > Encryption Manager) you must perform the following steps:

  1. Specify usage WEP encryption.
  2. Indicate that the use of WEP is mandatory Mandatory.
  3. Make sure the key size is set to 128-bits.
  4. Click Apply.

You can also run the following commands from the CLI:

AP# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

AP(config)# interface dot11radio 0

AP(config-if)# encryption mode wep mandatory

AP(config-if)# end

AP# write memory

2. Perform the following actions on the SSID Manager access point tab (menu item Security > SSID Manager):

  1. Select the desired SSID.
  2. In the "Authentication Methods Accepted," checkbox Open and using the drop-down list select With EAP.
  3. Check box Network-EAP if you have a Cisco client card.
  4. Click Apply.

You can also run the following commands from the CLI:

AP# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

AP(config)# interface dot11radio 0

AP(config-if)# ssid ssid labap1200

AP(config-if-ssid)# authentication open eap eap_methods

AP(config-if-ssid)# authentication network-eap eap_methods

AP(config-if-ssid)# end

AP# write memory

Once the core functionality has been confirmed to work correctly with the basic EAP setup, additional functionality and key management can be added. Place more complex functions on top of the functional base to make troubleshooting easier.

Examination

This section contains information that can be used to verify that the configuration is working.

Some commands show supported by the tool Output Interpreter Tool(only for registered users), which allows you to view an analysis of the command output show.
show radius server-group all– Lists all configured RADIUS server groups on the access point.

Troubleshooting

Troubleshooting Procedure

To troubleshoot your configuration, you must follow these steps:

  1. A new profile or connection must be created in the client-side utility or software with the same or similar parameters to ensure that nothing has been corrupted in the client settings.
  2. To ensure that RF interference does not interfere with successful authentication, you must temporarily disable authentication using the steps below:
  3. Execute commands from the CLI no authentication open eap eap_methods, no authentication network-eap eap_methods and authentication open.
  4. From the GUI on the SSID Manager page you need to uncheck Network-EAP, check the box Open and set the dropdown list back to No Addition.
    5. If the client is successfully matched, then the RF will not cause any mapping issues.
  5. You must ensure that shared secret passwords are synchronized between the access point and the authentication server.
  6. From the CLI, select the line radius-server host x.x.x.x auth-port x acct-port x key .
  7. From the GUI on the Server Manager page, re-enter the shared secret key for the corresponding server in the "Shared Secret" field.
    8. The shared secret entry for the access point on the RADIUS server must contain the same shared secret password mentioned earlier.
  8. Remove all user groups from the RADIUS server. Sometimes there may be conflicts between the user groups defined by the RADIUS server and the user groups on the underlying domain. Check the RADIUS server log entries for failed attempts and the reasons why those attempts failed.

Troubleshooting Commands

Some commands show supported by the tool Output Interpreter Tool(only for registered users), which allows you to view the results of the command show.

Chapter Debugging Authentication contains a significant amount of detail on how the output of EAP-related debugging commands can be collected and interpreted.

Note: Before you run commands debug, you need to read the section Important information about debugging commands.

  • debug dot11 aaa authenticator state-machine– Displays the main sections (or states) of the negotiation between the client and the authentication server.
    Note: In Cisco IOS software releases prior to 12.2(15)JA, the command syntax is debug is as follows debug dot11 aaa dot1x state-machine.
  • debug dot11 aaa authenticator process– Displays single records of negotiation dialogues between the client and the authentication server.
    Note: In Cisco IOS software releases prior to 12.2(15)JA, the debug command syntax is as follows: debug dot11 aaa dot1x process.
  • debug radius authentication– Outputs RADIUS negotiations between the server and client bridged to the access point.
  • debug aaa authentication– Outputs AAA negotiations for authentication between the client device and the authentication server.

Have questions?
Contact Aquilon-A to find out more details and get exactly what you need.



Did you like the article? Share it
We recommend articles on the topic
What is intel management engine interfaceWhat is intel management engine interface
Processor Integrated Graphics‡Processor Integrated Graphics‡
Disable usb 3.0 in acer bios. How to disconnect USB ports from connecting a flash drive. Prevent users from connecting USB storage devices using a Microsoft appDisable usb 3.0 in acer bios. How to disconnect USB ports from connecting a flash drive. Prevent users from connecting USB storage devices using a Microsoft app
Visitors are currently discussing
Zte Blade L2 smartphone: customer reviews and specifications The main camera of a mobile device is usually located on its back panel and can be combined with one or more additional camerasZte Blade L2 smartphone: customer reviews and specifications The main camera of a mobile device is usually located on its back panel and can be combined with one or more additional cameras Android
Smartphone Zte Blade L2: customer reviews and specificationsSmartphone Zte Blade L2: customer reviews and specifications Settings
Huawei Y6 - SpecificationsHuawei Y6 - Specifications Wireless
How to put away unnecessary itemsHow to remove unnecessary objects in Photoshop? Settings