Does FreeRADIUS support PEAPv0/EAP-TLS?

Alan DeKok aland at
Tue Dec 9 11:35:48 CET 2008

Jason Wittlin-Cohen wrote:
> I already do that with the Juniper Access Client. The problem is that
> the client certificate has the user's name as the Common Name and that
> is sent in the clear. PEAP/EAP-TLS sends the user's certificate through
> the tunnel obviating the issue. I admit this isn't a large problem but
> it would be a nice feature to have.

  FreeRADIUS doesn't support RFC 5216, it's too new.

  It has been tested with PEAPv0/EAP-TLS in the past, but it's not a
common configuration.  So it might not work now.

  Alan DeKok.

More information about the Freeradius-Users mailing list