Radius Testing. EAP-TTLS, (GTC - PAP) SSHA Password
Alan DeKok
aland at deployingradius.com
Wed Mar 28 14:23:57 CEST 2018
On Mar 28, 2018, at 8:19 AM, Mitch Sullivan <mitch.sullivan at swarm64.com> wrote:
>
> Thanks Allan. I'm such a goose.
> Its working now.
There's a lot in the debug output, so reading it is sometimes hard. But the answers are there, 99% of the time.
> The self signed certificates will work for all common clients. E.G Windows 10 and Android Phones? I guess I'll find out as I test. Everything works fine for apple devices.
Yes.
> Is this my best possible outcome, or is there are better / more secure recommendation?
If possible, I'd use EAP-TLS instead of TTLS. That avoids all issues with passwords being on end devices. But the certificate management can get complex.
Alan DeKok.
More information about the Freeradius-Users
mailing list