Could you post this file ?
I have only:
eap {
default_eap_type = tls
tls {
tls_cacertfile = /etc/freeradius/cert/ca.pem
tls_certfile = /etc/freeradius/cert/radius.crt
tls_keyfile = /etc/freeradius/cert/radius.key
}
}
You're lacking the peap sub part: peap { # The tunneled EAP session needs a default # EAP type which is separate from the one for # the non-tunneled EAP module. Inside of the # PEAP tunnel, we recommend using MS-CHAPv2, # as that is the default type supported by # Windows clients. default_eap_type = mschapv2 # the PEAP module also has these configuration # items, which are the same as for TTLS. copy_request_to_tunnel = yes use_tunneled_reply = yes # When the tunneled session is proxied, the # home server may not understand EAP-MSCHAP-V2. # Set this entry to "no" to proxy the tunneled # EAP-MSCHAP-V2 as normal MSCHAPv2. # proxy_tunneled_request_as_eap = yes } Why have you deleted this entry? When you don't want to use a feature, just comment the section it'll make it easier to update the configuration in the future.
BR,
Rafal Kaminski
HTH, Thibault