EAP/TTLS Doubts (Another one!)
Alan DeKok
aland at ox.org
Tue Jun 28 02:39:56 CEST 2005
Mario Alberto Cruz Gartner <mario.cruz at gmail.com> wrote:
> So.. no certificates will be needed on the clients? First must be
> open a TLS tunnel, so i think that still need the certificates.
No. You need a server certificate, but not client certificates.
> -What is "rlm_eap: EAP NAK"?
You configured the server to do TLS by default. The client wants to
do TTLS, so it NAK'd TLS, and asked for TTLS.
> -It says: "TLS_accept:error in SSLv3 read client certificate A" But
> the client had the certs installed already (TLS works fine!).
It means there's no client certificate. There's no problem.
> -Is there another guide (maybe a little updated?) for a EAP/TTLS with
> FreeRadius?
Configure TLS & get it working. After that, doing TTLS should just
be a matter of configure TTLS in eap.conf.
Alan DeKok.
More information about the Freeradius-Users
mailing list