22 Oct
2009
22 Oct
'09
9:05 a.m.
--- On Thu, 10/22/09, Ivan Kalik <tnt@kalik.net> wrote:
If I install a self-signed certificate on another Windows client and connect via EAP-TLS then I can connect without having to use an Active Directory user, as expected.
I'm wondering if I can *require* both a certificate on the client machine AND an AD user authentication. In other words, how can I *require* PEAP-EAP-TLS? (currently, my freeradius configuration seems to require PEAP OR EAP-TLS)
Freeradius version: 2.0.5
Don't know about that version. It should say how to require certificates for peap in eap.conf above peap section.
Is this the option? EAP-TLS-Require-Client-Cert = Yes I'm not sure where I should place it.