I have been struggling to get the EAP-TTLS to work.
Alan DeKok
aland at deployingradius.com
Thu Apr 10 23:24:41 CEST 2008
Johan Nyman wrote:
> I have been struggling to get the EAP-TTLS to work.
Why? In 2.0 you install it, add a user as suggested in the FAQ, and
start it in debug mode. If the client doesn't check the server cert,
TTLS will work.
> I have been following this guide:
> http://rbirri.9online.fr/howto/Freeradius_+_TTLS.html
That's the problem. Can you explain why you're following a guide
that's over FOUR YEARS out of date? Why haven't you followed the
instructions and documentation that came with the server?
> And i think the setup of all things has gone fine (biggest problem i had
> was creating the certifcates).
Uh... in 2.0, it's easy: start the server. Or, read the documentation
in raddb/certs/README.
> - I am guessing that the /etc/cert/ca.pem is the "client certification"
> i created from the freeradius.
Don't guess. Read the existing documentation.
And you don't need client certs for TTLS.
Alan DeKok.
More information about the Freeradius-Users
mailing list