Help with EAP-TTLS and PAP
Hans Hering
hans.hering at outlook.com
Mon Nov 23 14:28:20 CET 2015
Thanks for all the replies so far. I already figured this wasn’t gonna work without touching the clients.
> What version of Windows?
Mostly Windows 8.1 and 10
> Windows 7 and earlier can't do EAP-TTLS/PAP natively.
I don’t thing we have Windows 7 clients anymore.
> Pretty much the only options available by default on both are
> EAP-TLS or PEAP/EAP-MSCHAPv2. The latter is ruled out if you have
> passwords in SHA1, so you're just down to certificates. Which
> requires provisioning on the clients.
Right now it’s down to using our Active Directory as backend with MSCHAPv2 or installing the EAP-GTC plugin on all Windows clients via GPO.
Again, thanks for the feedback, this matter is resolved.
More information about the Freeradius-Users
mailing list