EAP-TTLS/EAP-PEAP Certificats
Vincent Guardiola
vguar99 at gmail.com
Thu Dec 15 16:12:06 CET 2011
Humm yes, but with this i can use mschapv2 for authenticate or my
authentification will be used by client certificat ?
2011/12/15 Phil Mayers <p.mayers at imperial.ac.uk>
> On 15/12/11 14:29, Vincent Guardiola wrote:
>
>> Hi all,
>>
>> I have just one question about client certificats with EAP-TTLS or
>> EAP-PEAP.
>>
>> I would like use certificats client with authentication MSCHAPv2 it's
>> possible ?
>>
>
> Yes. This is documented in the "eap.conf":
>
> # You can make PEAP require a client cert by setting
> #
> # EAP-TLS-Require-Client-Cert = Yes
> #
> # in the control items for a request.
>
> In the *outer* tunnel, do this:
>
> authorize {
> ...
> update control {
> EAP-TLS-Require-Client-Cert = Yes
> }
> ...
> eap
> }
>
> I know it says EAP-TLS; ignore that. It will make the PEAP client send a
> client cert.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
> list/users.html <http://www.freeradius.org/list/users.html>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111215/c2961197/attachment.html>
More information about the Freeradius-Users
mailing list