Ok,
I don't understand why my config doens"t work or maybe i've erroe on my client, this my conf :

eap.conf
eap {
                default_eap_type = peap
                timer_expire     = 60
                ignore_unknown_eap_types = no
                cisco_accounting_username_bug = no
                max_sessions = 4096
                md5 {
                }

                leap {
                }

                gtc {
                        auth_type = PAP
                }
.....
.....
peap {
default_eap_type = mschapv2
 virtual_server = "inner-tunnel"
use_tunneled_reply = no
copy_request_to_tunnel = no
}

sites-enable/default

authorize {
        preprocess
        update control {
               EAP-TLS-Require-Client-Cert = Yes
        }
        eap {
                ok = return
        }
}
authenticate {
        }
        Auth-Type MS-CHAP {
                mschap
        }
   eap
}

sites-enable/inner-tunel

authorize {
        eap {
                ok = return
        }
}

authenticate {
        Auth-Type MS-CHAP {
                mschap
        }
        eap
}



Thx.


2011/12/20 Alan DeKok <aland@deployingradius.com>
Vincent Guardiola wrote:
> I've  read documentation and not found responses for my problem.

 It is documented.

> I wonder if I correctly explain my request
>
> I would like to use a cllient certificats and mschapV2 in the same
> authentification in PEAP or TTLS
> Use client certificats for create TLS tunel and after use mschapv2 for
> authenticate the user
> It's possible with freeradius or not ?

 Yes.  Read eap.conf.  This is documented.

 Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html