EAP-FAST experiment

William Hegardt whegardt at gmail.com
Wed Aug 27 19:50:20 CEST 2008

I'm using FR 2.0.5 on Linux. I've built it with experimental-modules
in hopes of getting
eap-fast to work. I believe this uses the eap2 configuration block in
experimental.conf. I also see the comments that read:

	#  This module requires the libeap.so file from the hostap
	#  software (http://hostap.epitest.fi/hostapd/).  It has been
	#  tested on the development version of hostapd (0.6.1) ONLY.
	#  In order to use it, you MUST build a "libeap.so" in hostapd,
	#  which is not done by default.
	#  You MUST also edit the file: src/modules/rlm_eap2/Makefile
	#  to point to the location of the hostap include files.
	#  This module CANNOT be used in the same way as the current
	#  FreeRADIUS "eap" module.  There is NO way to look inside of
	#  a tunneled request.  There is NO way to proxy a tunneled
	#  request.  There is NO way to even look at the user name inside
	#  of the tunneled request.  There is NO way to control the
	#  choice of EAP types inside of the tunnel.  You MUST force
	#  the server to choose "eap2" for authentication, because this
	#  module has no "authorize" section.

After I follow these instructions, is there anything else necessary to
get eap-fast working?
Do I need a fast{} sub-section inside of the eap2{} section?
How do I force the server to choose eap2 for authentication as mentioned above?


More information about the Freeradius-Devel mailing list