conecpt question

Alan DeKok aland at
Fri Aug 12 00:57:58 CEST 2005

Markus Krause <krause at> wrote:
> what i am dreaming of (at least regarding radius ;-) ):
> - wlan with wpa/802.1x using freeradius
> - clients mostly windows xp, several mac os x, few linux (unimportant right now)
> - the normal users (known to the local unix network the accesspoint/switch is
> connected to via nis or (some day) ldap) can access easily just with their
> username and password, if possible without client certificates (to keep things
> simple for the user)
> - some special 'accounts' (for guests etc.) in the freeradius users files
> can this be realized with freeradius?


> as far as i understand the conecpts behind this all this means a have to use
> peap, eap/ttls or eap/mschap-v2, am i right?

  EAP-TTLS, with tunneled PAP.  The use of /etc/passwd makes anything
else impossible.

  Alan DeKok.

More information about the Freeradius-Users mailing list