Mutual Authentication with EAP-TTLS/MSCHAPv2

Zolotov, Eyal eyal.zolotov at
Wed Oct 3 10:52:18 CEST 2007



I have several questions:


1. Does EAP-TTLS with MSCHAPv2 considered as a mutual authentication

2. I understand that the TTLS itself can be mutual, meaning:

a. The client authenticates the server (via server certificate)

b. A secured tunnel is created

c. The server authenticates the client (via client certificate)

d. The client authenticates itself again using MSCHAPv2.

Does FreeRadius support this kind of Authentication?

3. I received a root-certificate and I want to create trusted

            a. Which software can I use sign a certificate with the
root-certificate I received?

            b. They didn't provide me with the passcode of the root
certificate - so I can't do anything? Right?


Thanks a lot




Envara, Ltd.

This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list