On Thu, Aug 22, 2013 at 10:30:54AM +0100, Phil Mayers wrote:
Matthew Newton <mcn4@leicester.ac.uk> wrote:
On Wed, Aug 21, 2013 at 09:52:14PM +0200, Martin Kraus wrote:
well looking at man wpa_supplicant I can see
EAP-PEAP/TLS
I think that should be PEAP/EAP-TLS. Otherwise I'm not sure what it's talking about.
Huh, and I thought MS-PEAP specified only soh and mschap as valid inners. Nice to see ms honouring their own specs ;o) Or maybe they updated it since I last read it.
We've been doing it for ~18 months now. Works fine (when the fragment sizes have been set up correctly) so we get domain managed certs and soh. Just a shame you can't do user auth as well at the same time. m. -- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>