15 Jun
2005
15 Jun
'05
2:43 p.m.
Bruno Quintas <bruno.quintas@itconnect.pt> wrote:
What changes should i do in the server to change the current setup EAP-TLS to EAP-TTLS? Based on the documents eap.conf:
default_eap_type = ttls in eap section comment tls and uncomment ttls?
The howto's say that you need TLS to do TTLS. After that, setting "default_eap_type = ttls" helps, but it's not strictly necessary.
The purpose of using ttls is to eliminate the need for client certificates. I have read in several articles (which considered this to be the main advantage over eap-tls), but all the howtos i've seen - including secure2w ttls client assume the existence of client certificates.
TTLS can use client certificates, but it doesn't require them. Alan DeKok.