15 Dec
2011
15 Dec
'11
10 a.m.
On 15/12/11 14:29, Vincent Guardiola wrote:
Hi all,
I have just one question about client certificats with EAP-TTLS or EAP-PEAP.
I would like use certificats client with authentication MSCHAPv2 it's possible ?
Yes. This is documented in the "eap.conf": # You can make PEAP require a client cert by setting # # EAP-TLS-Require-Client-Cert = Yes # # in the control items for a request. In the *outer* tunnel, do this: authorize { ... update control { EAP-TLS-Require-Client-Cert = Yes } ... eap } I know it says EAP-TLS; ignore that. It will make the PEAP client send a client cert.