Windows: Client Certificate but User Password

Michael Schwartzkopff ms at
Wed Sep 7 15:46:01 CEST 2016


I want to use FreeRADIUS as the AAA backend for 802.1x portsecurity.

The windows clients should send the username/password (PEAP/MS-CHAPv2) when a 
user is logged in.

If no user is logged in, the windows client should send its client certificate. 
FR can check that certificate and authorize the client.

My problem is: In Windows 7 I can configure either to use PEAP (Password) OR 
certificates. But I cannot choose PEAP for user and certificate for client 

Has anybody seen this? Anybody for a solution to that problem?

Mit freundlichen Grüßen,

Michael Schwartzkopff

[*] sys4 AG, +49 (89) 30 90 46 64, +49 (162) 165 0044
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the Freeradius-Users mailing list