Mario Alberto Cruz Gartner <mario.cruz@gmail.com> wrote:
So.. no certificates will be needed on the clients? First must be open a TLS tunnel, so i think that still need the certificates.
No. You need a server certificate, but not client certificates.
-What is "rlm_eap: EAP NAK"?
You configured the server to do TLS by default. The client wants to do TTLS, so it NAK'd TLS, and asked for TTLS.
-It says: "TLS_accept:error in SSLv3 read client certificate A" But the client had the certs installed already (TLS works fine!).
It means there's no client certificate. There's no problem.
-Is there another guide (maybe a little updated?) for a EAP/TTLS with FreeRadius?
Configure TLS & get it working. After that, doing TTLS should just be a matter of configure TTLS in eap.conf. Alan DeKok.