Microsoft PEAP-EAP-TLS support (certificate auth with SoH)?

Phil Mayers p.mayers at
Fri Jan 20 11:50:28 CET 2012

On 01/20/2012 01:08 AM, Matthew Newton wrote:

> The 'normal' PEAP with MS-CHAPv2 works fine giving the SoH
> details, but has to be "user authentication" on the client.
> EAP-TLS works fine presenting the certificate to connect to the
> network (Microsoft's so-called "computer auth"), but doesn't, as
> far as I can tell, do SoH.


> Is it actually possible to do SoH with certificate-based
> authentication, or do I have to look towards DHCP for this?

SoH is a PEAP TLV. If the PEAP module is running, it should support SoH 
regardless of the type of inner-auth.

More information about the Freeradius-Users mailing list