FR eap-ttls , winxp client configuration
Alan DeKok
aland at ox.org
Wed Jun 15 20:43:52 CEST 2005
Bruno Quintas <bruno.quintas at itconnect.pt> wrote:
> What changes should i do in the server to change the current setup
> EAP-TLS to EAP-TTLS?
> Based on the documents eap.conf:
>
> default_eap_type = ttls in eap section
> comment tls and uncomment ttls?
The howto's say that you need TLS to do TTLS.
After that, setting "default_eap_type = ttls" helps, but it's not
strictly necessary.
> The purpose of using ttls is to eliminate the need for client
> certificates. I have read in several articles (which considered this to
> be the main advantage over eap-tls), but all the howtos i've seen -
> including secure2w ttls client assume the existence of client certificates.
TTLS can use client certificates, but it doesn't require them.
Alan DeKok.
More information about the Freeradius-Users
mailing list