Hi,
What is the recommend configuration to allow users on multiple OS/mobile use WPA2-Enterprise using only user/pass to securely connect use user/pass that is authenticated against https://oss.gonicus.de/labs/gosa/ using kerberos
if using kerberos, then thats needing PAP in the inner.... so, keep the default config for the outer - eap will be active and thus the EAP-TTLS will be setup. then, in the INNER tunnel, you will need to ensure that PAP is being used...and in this case, the server will need to be told to do kerberos..... however, for in authorize: update control { &Auth-Type := kerberos } in authenticate: Auth-Type kerberos { krb5 } } or somesuch....since we moved to 3.x code we moved our kerberos to LDAP instead. alan