4 Dec
2010
4 Dec
'10
5:08 a.m.
rdeboer wrote:
I already enabled said option, the only problem is that this doesn't enforce the use of PEAP with a client certificate, as the TLS module is enabled and configured, it allows you to log in with just a client certificate using TLS. What I want is to enforce the use of not just TLS but PEAP with a client cert.
The solution is to disable EAP-TLS by disallowing it. In the "users" file, do: DEFAULT EAP-Type == EAP-Type-TLS, Auth-Type := Reject Alan DeKok.