Microsoft PEAP-EAP-TLS support (certificate auth with SoH)?
p.mayers at imperial.ac.uk
Fri Jan 20 11:50:28 CET 2012
On 01/20/2012 01:08 AM, Matthew Newton wrote:
> The 'normal' PEAP with MS-CHAPv2 works fine giving the SoH
> details, but has to be "user authentication" on the client.
> EAP-TLS works fine presenting the certificate to connect to the
> network (Microsoft's so-called "computer auth"), but doesn't, as
> far as I can tell, do SoH.
> Is it actually possible to do SoH with certificate-based
> authentication, or do I have to look towards DHCP for this?
SoH is a PEAP TLV. If the PEAP module is running, it should support SoH
regardless of the type of inner-auth.
More information about the Freeradius-Users