WPA Enterprise, 802.1X, Freeradius, EAP & Kerberos
aland at deployingradius.com
Fri May 8 22:11:23 CEST 2009
Arran Cudbard-Bell wrote:
>> If you use SecureW2, you can configure Windows to do TTLS+PAP. That
>> will supply a clear-text password in the inner tunnel, which will allow
>> kerberos to work.
> Really? I would have thought the exchange would be far more complex than
> just PAP? Surely you can't bootstrap Kerberos like that.
You can't. But you can use a KDC as an authentication oracle.
RADIUS: Is this PAP password OK?
> Has anyone actually got EAP-Kerberos or some other equivalent scheme
> working with windows ?
More information about the Freeradius-Users