Logging EAP-PEAP/TTLS TLS version and Ciphers
Sven Hartge
sven at svenhartge.de
Wed Mar 13 15:50:06 CET 2019
Hi *,
(using freeradius 3.0.17)
To evaluate how many clients use which TLS version and what cipher has
been negotiated between freeradius and supplicant, I want to log those
values via linelog. (To get an idea, if and when it is feasible to
tighten the cipher_list and TLS versions supported.)
I've been looking through dictionary.freeradius.internal and know about
TLS-Cert-* and TLS-Client-Cert-*, but those of course don't contain the
information I seek. (No client cert for PEAP/TTLS and I already know all
about the server cert, no need to log them.)
Is there any attribute I missed or an xlat I need to do to get this into
a log message?
Grüße,
Sven.
More information about the Freeradius-Users
mailing list