New Thread: EAP for Cisco AP.

Evan Vittitow evan at
Mon Jan 15 10:51:32 CET 2007

The next stage of Radius is using it to secure my Wireless network. I'm
fairly sure EAP-TLS is Certificate based, and EAP-MD5 has to do with
using an MD5 Has as a "Shared Secret"

But, I don't completely understand PEAP, and how it relates to MS-CHAP v2.

I want to try to use PEAP to secure my network.

Here is my current eap.conf

    eap {
        default_eap_type = peap
        timer_expire     = 60
        ignore_unknown_eap_types = no
        cisco_accounting_username_bug = no
        md5 {
        leap {
        gtc {
            auth_type = PAP
        tls {
            private_key_password = whatever
            private_key_file = ${raddbdir}/certs/cert-srv.pem
            certificate_file = ${raddbdir}/certs/cert-srv.pem
            CA_file = ${raddbdir}/certs/demoCA/cacert.pem
            dh_file = ${raddbdir}/certs/dh
            random_file = /dev/urandom
        peap {
        default_eap_type = mschapv2
        mschapv2 {

I have eap in authenticate and authorize. What else do I need to do, and
are there more dictionaries.

More information about the Freeradius-Users mailing list