Nolan King wrote:
Due to some Skypilot APs that do not support EAP-TLS
Huh? Access points don't care about the EAP method.
(requiring client certs) i am working on getting tunneled peap happening, authenticating against AD. After following the excellent READMEs and other instructional material at deployingradius and freeradius.org I have a successful configuration that access-accept's with EAP-TLS as well as cleartext passwords. My homegrown certs work well with my AP (a cisco 1130AG for testing) and EAP-TLS, but i cannot get an access-accept with tunneled peap. A bad password will return access-reject, pap logins work, but a good AD login gets stuck at an access-challenge.
Read the FAQ, and "eap.conf". This specific issue is addressed. Alan DeKok.