EAP-TLS OK - EAP-PEAP KO!! why that?

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Jul 22 22:29:34 CEST 2008


Hi,

> so my question is, if the certificate (with server extension) is missing on the client, could it interfer in EAP-PEAP authentication success?

yes.

you need a RADIUS cert with the extensions...and if doing proper
PEAP, you need the CA installed on the client too  - with 'validate
server certificate' checked and cross-linked (ie you choose
the correct CA in the list!)

alan



More information about the Freeradius-Users mailing list