Humm yes, but with this i can use mschapv2 for authenticate or my authentification will be used by client certificat ?
On 15/12/11 14:29, Vincent Guardiola wrote:Yes. This is documented in the "eap.conf":
Hi all,
I have just one question about client certificats with EAP-TTLS or EAP-PEAP.
I would like use certificats client with authentication MSCHAPv2 it's
possible ?
# You can make PEAP require a client cert by setting
#
# EAP-TLS-Require-Client-Cert = Yes
#
# in the control items for a request.
In the *outer* tunnel, do this:
authorize {
...
update control {
EAP-TLS-Require-Client-Cert = Yes
}
...
eap
}
I know it says EAP-TLS; ignore that. It will make the PEAP client send a client cert.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html