In 'Ralink Wireless Utility' -> '802.1x Setting'
I can choose 'PEAP' and foll 3 fields (with my example values):
1. Identyty = myidentyty
2. Login = mylogin
3. Password = mypass
 
(I set protocol as EAP-MSCHAP v2)
 
in freeradius users file I can write:
 
mylogin Auth-Type = EAP, User-Password := "mypassword"
 
So identity can by any word. I hope mylogin and mypassword is sent to radius encrypted, not as plain text.
 
But when I clear the users file and use sql I have a recerd in radcheck table:
 
id    UserName    Attribute            op     Value             ... (other fields)
1     mylogin        User-Password   ==    mypassword   ... (other values)
and in "Ralink...' I MUST (?) set (Identity = Login = mylogin) and Password = mypassword to be authorized in freeradius.
 
But isn't Identity sent as clear text ???
I want to set Identity as Client Name, not as his login, is it possible?
SQL queries check User-Name attribute and *I don't know how* put it to rlm_eap_peap and it says: Tunneled data is valid. (...) Success.
But I don't want to login be equals to identity...
 
Norbert