Regarding providing Custom TOTP MFA in freeradius
Alan DeKok
aland at deployingradius.com
Tue Apr 30 12:08:49 UTC 2024
> On Apr 30, 2024, at 7:40 AM, Dineshkumar pachamuthu <dineshkumar.pachamuthu at gmail.com> wrote:
> Thanks for the replay, Sorry for the late reply. I understand Sending Access-Challenge is not possible with TTLS or with any EAP type since Supplicant will not be compatible to process that.
> I have one more question, is there a way to tell the client/supplicant to use/Access requests with specific EAP type. If the RADIUS client sends PEAP (MSCHAPV2) in the inner-tunnel I want to send supplicant (NAK request) and ask for only EAP-TTLS/PAP, so the client will resend the request with EAP-TTLS/PAP. is this Feasible by change details at inner-tunnel or server config files?
EAP doesn't allow for sending NAK after the inner tunnel has been established.
Alan DeKok.
More information about the Freeradius-Devel
mailing list