Definite Auth-Type via SQL-DB
dump at gmx.info
dump at gmx.info
Tue May 3 16:40:27 CEST 2016
Many thanks for your answer.
> if you dont want your server to do PEAP , then remove it from the EAP
config....
I did, but now I'm receiving errors when running the server with the -X
option: Certificate Compatibility.
> however, how are you dealing with clients - as most still dont do
> EAP-TTLS/PAP (and if doing EAP-TTLS/PAP you cannot ensure that the
> client is correctly, securely configured - which for a PAP mathod is
> pretty much essential).
What do you mean with "dealing with clients"? Is there any client config
error which may cause sending the password not inside the TLS-Tunnel?
And what do you mean with client: The NAS or the dial up client?
But also using a CHAP-Password would then not lead to an improved
security when sending it not via the encrypted tunnel, does it?
Many thanks and
best regards
Jens
More information about the Freeradius-Users
mailing list