EAP-TTLS/EAP-PEAP Certificats
Vincent Guardiola
vguar99 at gmail.com
Tue Dec 20 17:19:06 CET 2011
Ok,
I don't understand why my config doens"t work or maybe i've erroe on my
client, this my conf :
eap.conf
eap {
default_eap_type = peap
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 4096
md5 {
}
leap {
}
gtc {
auth_type = PAP
}
.....
.....
peap {
default_eap_type = mschapv2
virtual_server = "inner-tunnel"
use_tunneled_reply = no
copy_request_to_tunnel = no
}
sites-enable/default
authorize {
preprocess
update control {
EAP-TLS-Require-Client-Cert = Yes
}
eap {
ok = return
}
}
authenticate {
}
Auth-Type MS-CHAP {
mschap
}
eap
}
sites-enable/inner-tunel
authorize {
eap {
ok = return
}
}
authenticate {
Auth-Type MS-CHAP {
mschap
}
eap
}
Thx.
2011/12/20 Alan DeKok <aland at deployingradius.com>
> Vincent Guardiola wrote:
> > I've read documentation and not found responses for my problem.
>
> It is documented.
>
> > I wonder if I correctly explain my request
> >
> > I would like to use a cllient certificats and mschapV2 in the same
> > authentification in PEAP or TTLS
> > Use client certificats for create TLS tunel and after use mschapv2 for
> > authenticate the user
> > It's possible with freeradius or not ?
>
> Yes. Read eap.conf. This is documented.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111220/3b939adc/attachment.html>
More information about the Freeradius-Users
mailing list