Regarding providing Custom TOTP MFA in freeradius
Dineshkumar pachamuthu
dineshkumar.pachamuthu at gmail.com
Tue Apr 30 17:21:51 UTC 2024
Sorry for the misunderstanding. I mean can we force EAP-TTLS over
Access-Request of PEAP request before tunnel is established,, i.e force a
particular EAP in supplicant over another in freeradius using NAK or any
other way?
Regards,
Dineshkumar
On Tue, Apr 30, 2024 at 5:38 PM Alan DeKok <aland at deployingradius.com>
wrote:
> > On Apr 30, 2024, at 7:40 AM, Dineshkumar pachamuthu <
> dineshkumar.pachamuthu at gmail.com> wrote:
> > Thanks for the replay, Sorry for the late reply. I understand Sending
> Access-Challenge is not possible with TTLS or with any EAP type since
> Supplicant will not be compatible to process that.
> > I have one more question, is there a way to tell the client/supplicant
> to use/Access requests with specific EAP type. If the RADIUS client sends
> PEAP (MSCHAPV2) in the inner-tunnel I want to send supplicant (NAK request)
> and ask for only EAP-TTLS/PAP, so the client will resend the request with
> EAP-TTLS/PAP. is this Feasible by change details at inner-tunnel or server
> config files?
>
> EAP doesn't allow for sending NAK after the inner tunnel has been
> established.
>
> Alan DeKok.
>
>
More information about the Freeradius-Devel
mailing list