Ok,
I don't understand why my config doens"t work or maybe i've erroe on my client, this my conf :
eap.conf
eap {
default_eap_type = peap
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 4096
md5 {
}
leap {
}
gtc {
auth_type = PAP
}
.....
.....
peap {
default_eap_type = mschapv2
virtual_server = "inner-tunnel"
use_tunneled_reply = no
copy_request_to_tunnel = no
}
sites-enable/default
authorize {
preprocess
update control {
EAP-TLS-Require-Client-Cert = Yes
}
eap {
ok = return
}
}
authenticate {
}
Auth-Type MS-CHAP {
mschap
}
eap
}
sites-enable/inner-tunel
authorize {
eap {
ok = return
}
}
authenticate {
Auth-Type MS-CHAP {
mschap
}
eap
}
Thx.
Vincent Guardiola wrote:It is documented.
> I've read documentation and not found responses for my problem.
Yes. Read eap.conf. This is documented.
> I wonder if I correctly explain my request
>
> I would like to use a cllient certificats and mschapV2 in the same
> authentification in PEAP or TTLS
> Use client certificats for create TLS tunel and after use mschapv2 for
> authenticate the user
> It's possible with freeradius or not ?