EAP-TTL Proxy LDAP
amarquez001 at ikasle.ehu.es
amarquez001 at ikasle.ehu.es
Wed Mar 5 21:01:11 CET 2008
At first, goodevening to eveone.
I am simulating an authentication plataform. The situation is this one:
PC 1: Supplicant.Access by networkManager.
The crendential are: login= david at i2t passwd=david EAP=TTLS phase2=PAP
PC 2: HostAP. It's correctly configured and works fine.
PC 3: Proxy Freeradius. It has got a realm i2t defined, and proxyes the
access requests to de PC4.
PC 4: Final Freeradius. It contains the credential for the users of the
i2t realm stored on a LDAP directory.
The interconections between the PCs is this one:
PC1 <-----> PC2 <-----> PC3 <-----> PC4
I have got some conceptual questions:
I generated some certificates in PC3, and when I do the suply in PC1, I
set the certificate of PC3.
Is this correct? Or should I do it with a certificate of PC4?
The conections between PC1&PC2 and PC2&PC3 are encrypted. But, what
about PC3&P4? Is also a secure comunication?
Could anyone explain how should it work?
Once the tunnel has been created, what type of authentication method
shall I use?
Can I afford to use PAP with an LDAP direcotry at the backend PC?
CHAP? GTC?
Lots of thanks!
I hope you have a good day.
More information about the Freeradius-Users
mailing list