EAP-TTLS and Kerberos problem
Jakob Oestergaard
jakob at unthought.net
Tue Jan 24 14:39:51 CET 2006
Dear list,
I'm setting up FreeRADIUS so that I can authenticate WPA ("Enterprise")
from a Linksys access point against Kerberos (via. RADIUS).
I can get FreeRADIUS to authenticate against Kerberos (using radtest),
and I can get FreeRADIUS to talk EPA-TTLS with the access point (or the
WIFI notebook actually).
However, I cannot get EPA-TTLS to work with Kerberos.
If I put this in my users file, EAP-TTLS works and FreeRADIUS correctly
sees the PAP password from the laptop:
DEFAULT Auth-Type = EAP
Fall-Through = 1
If I put this in my users file, Kerberos works but FreeRADIUS does not
get the password from the notebook and therefore the krb5 module won't
attempt authentication:
DEFAULT Auth-Type = Kerberos
So, is there a way to tell FreeRADIUS to both use EAP *and* attempt
Kerberos authentication when it actually has a password?
Any help will be much appreciated.
Thank you very much
--
/ jakob
More information about the Freeradius-Users
mailing list