15 Oct
2008
15 Oct
'08
1:47 a.m.
Jonathan D. Proulx wrote:
using 1.1.7 (forgive me)
And we say... upgrade. :) It will make solving this problem easier.
I have EAP-TTLS working from the files module and I have krb5 athentication working with ldap authorization fro radtest, but when I try EAP-TTLS as an ldap user I fail to connect, and the sever never seems to try the krb5 module.
You will need to put something like this in the "users" file: DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Auth-Type := Kerberos
Before I start pulling my hair out is even possible?
Yes. IF the inner tunnel session contains a cleartext password. CHAP won't work, and neither will MS-CHAP. Alan DeKok.