Thanks for the response Fajar,
Are you still authenticating against Lotus Domino LDAP?
Yes, I still do.
Basically to get an authentication method to work, the device needs to be configured to use it, and the server needs to support it. So you need to have a method that's supported by both device and server. It's easy enough to configure the server to support multiple methods, but if you're still authenticating against Lotus Domino LDAP, you might want to enable only TTLS-PAP and PEAP-GTC.
I'm quite aware now about this, thanks to your hints from my previous posts. I configure my server to do the two eap methods (TTLS-PAP/PEAP-GTC) and supported my computer clients with supplicant (secureW2). So now I'm trying to do authentication for wifi mobile phones.
For example, iphone (from Apple's docs) supports EAP-TLS, EAP-TTLS, EAP-FAST, EAP-SIM, PEAPv0, PEAPv1, and LEAP. I've tried it with PEAP-GTC, and it works, so you might want to try EAP-TTLS/PAP and see how it goes. If it doesn't, they try other methods.
I tested also an iPhone 2G to my server, but it still uses MS-CHAPv2 even though I configured my server to do TTLS-PAP. -- View this message in context: http://old.nabble.com/Wifi-Enabled-Phones-%2B-FreeRadius-tp29538516p29539973... Sent from the FreeRadius - User mailing list archive at Nabble.com.