PEAP LDAP confusion

Rob Shepherd rob at
Tue Jul 18 20:14:48 CEST 2006

Dear FreeRADIUS users,

Firstly, I am attempting to get XP/OSX clients to connect to a 802.1x 
WLAN provided by a cisco wlan controller. This is currently backed by 
ACS and works, but i'd like to use FreeRADIUS is possible, with half my 
users in LDAP and half in MySQL.

The setup uses PEAP, however am I correct in thinking that the RADIUS 
server never touches any TLS components. The TLS tunnel is between the 
WLAN controller and the client right?

Furthermore, I know I cannot use ldap authentication (binding) as a 
result of the eap conversation, however can I store an NT-Hash in 
LDAP/MySQL for the mschapv2 module to pick up and use? I'd prefer not to 
store clear text at all if possible...

I have everything I need compiled and installed, but I'd like to know 
whether or not I can achieve my goal before wasting a lot of my time. 
Any pointers are thus greatly appreciated.


Rob Shepherd | Computer and Network Engineer | Technium CAST | LL57 4HJ
rob at | 01248 675024 | 07776 210516

More information about the Freeradius-Users mailing list