EAP-TNC supported?
Alan DeKok
aland at deployingradius.com
Thu Aug 21 08:42:16 CEST 2008
Martin Schneider wrote:
> Does anybody know about a patch or something for FreeRadius that adds
> more stable EAP-TNC processing? I heard about a patch from FH Hannover
> (http://tnc.inform.fh-hannover.de/wiki/index.php/Main_Page) but I
> don't know how good this one works. Did maybe anybody of you guys play
> with that patch?
The EAP-TNC code in FreeRADIUS *is* the FH Hannover code. There's
just *more* work that has to be done to make it ready for a production
environment.
> I read in the EAP-TTLS draft, that you can perform mutual
> authentication of server AND client using EAP-TTLS. (Client also needs
> a Certificate...). So theoretically you should be able to run EAP-TNC
> directly after EAP-TTLS in the TLS tunnel without any other user
> authenticating EAP-method?
Perhaps. Check with the TNC specifications to see if this is permitted.
Alan DeKok.
More information about the Freeradius-Users
mailing list