EAP-TTLS / LDAP
Sergio Belkin
sebelk at gmail.com
Tue Jul 8 21:11:42 CEST 2008
2008/7/8 joris <jorisd at gmail.com>:
> Hello,
>
> After reading the configuration file radiusd.conf, it explicitly says
> that one can't use LDAP as the authentication backend when you use EAP
> (in my case, i'm interested in EAP-TTLS).
>
> Nonetheless, I can read elsewhere on the web that some people seem to
> use both EAP and LDAP, so I wonder who is right ?
>
> I would use LDAP for storing all my users/password and EAP to protect
> my users credentials over insecure Wifi.
>
> Any advices ?
>
>
> Cheers,
>
> Joris
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
What documentation says is that you can't use encrypted password in
LDAP with EAP/PEAP. But you can use EAP/TTLS + PAP with LDAP. The main
problem for this approach is that the f**k Windows has not native
support for TTLS, so you should install some software eg: SecureW2...
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
More information about the Freeradius-Users
mailing list