Client certs with MSCHAPV2 in PEAP

Alan DeKok aland at ox.org
Fri Feb 24 01:11:49 CET 2006


Robert Myers <ccrider at whiterose.net> wrote:
> The reason I ask, is that I'm using a client cert signed by my CA to do 
> eap/tls, and it's working.  I have not implemented the server cert as of 
> yet.

  Then it *should* work with PEAP.  But I don't know of many people
that use client certs with PEAP.  I suspect no one has tested that,
and that the client may be doing something different than with EAP-TLS.

  My suggestion is don't use client certs with PEAP.

  Alan DeKok.




More information about the Freeradius-Users mailing list