Allow EAP-TLS based authentications only

Alan DeKok aland at deployingradius.com
Fri Oct 21 16:45:33 CEST 2011


Panagiotis Georgopoulos wrote:
> Am I right in thinking that if I leave enabled only the EAP-TLS, the
> EAP-TTLS and PEAP parts in my eap.conf file, I would basically achieve
> what I want? In order words, essentially disable md5, leap, gtc,
> mschapv2 in the eap.conf.

  To allow only EAP-TLS, simply delete every *other* subsection from the
eap configuration.  You don't need TTLS, and you don't need PEAP.

> There should not be any need for me to touch the inner-tunnel or
> inner-eap, right?

  You do not need to touch inner-tunnel.  I don't know what "inner-eap" is.

  Alan DeKok.



More information about the Freeradius-Users mailing list