|
Hi, I´m trying to configure
freeradius with PEAP + EAP-TLS, but I´m making some confusion to configure the
radiusd.conf (sections authorize and authentication) and eap.conf. Have someone implemented this configuration? In the eap.conf file the default eap type
is TLS or PEAP? What I´ve to configure in the authorize
and authentication sections? I´ve attached my conf files below. Best Regards … FreeRADIUS Version
1.0.1 eap.conf eap { default_eap_type = tls timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no # Supported EAP-types # EAP-TLS tls { private_key_password = xxxxxxxxxxx private_key_file =
${raddbdir}/certs/freeradius_key.pem certificate_file =
${raddbdir}/certs/freeradius_cert.pem CA_file = ${raddbdir}/certs/demoCA/cacert.pem dh_file = ${raddbdir}/certs/dh random_file = ${raddbdir}/certs/random fragment_size = 1024 include_length = yes } peap { default_eap_type = tls } #tls { #private_key_password = xxxxxxxxxx #private_key_file =
${raddbdir}/certs/freeradius_key.pem #certificate_file =
${raddbdir}/certs/freeradius_cert.pem #CA_file = ${raddbdir}/certs/demoCA/cacert.pem #dh_file = ${raddbdir}/certs/dh #random_file = ${raddbdir}/certs/random #fragment_size = 1024 #include_length = yes #} #mschapv2 { #} } radiusd.conf
(only authorize and authentication sections) . . . # Instantiation instantiate { } # authorize { preprocess files mschap eap } # Authentication. authenticate { Auth-Type MS-CHAP { mschap } eap } . . .
|