LDAP authorize for both EAP-TLS and EAP-PEAP

Matthew Newton mcn4 at leicester.ac.uk
Mon Jan 25 18:08:19 CET 2016


On Mon, Jan 25, 2016 at 04:56:26PM +0000, David Hartburn wrote:
> I'm struggling to find any documentation or examples on using the
> check_eap_tls module. It is a case of putting something in our local eduroam
> virtual server to punt TLS attempts off to this server? Where would you put
> that without breaking the EAP-PEAP authentication?

The virtual server is specified in mods-enabled/eap:

https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/mods-available/eap#L551-L557

then check_eap_tls should be fairly self-documenting:

https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/sites-available/check-eap-tls

Cheers,

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list