Disable PEAP-TLS but allow PEAP

Cotton, Jesse Jesse.Cotton at stockton.edu
Tue Aug 14 17:18:15 CEST 2012

That was a typo. I meant EAP-TLS.

Thanks for the quick reply.

-----Original Message-----
From: freeradius-users-bounces+jesse.cotton=stockton.edu at lists.freeradius.org [mailto:freeradius-users-bounces+jesse.cotton=stockton.edu at lists.freeradius.org] On Behalf Of Phil Mayers
Sent: Tuesday, August 14, 2012 11:09 AM
To: freeradius-users at lists.freeradius.org
Subject: Re: Disable PEAP-TLS but allow PEAP

On 14/08/12 15:57, Cotton, Jesse wrote:
> We need to use a public certificate for PEAP b/c the majority of our 
> clients are not on our domain. However I do not want to allow EAP-TLS 
> with any cert signed by the 3^rd party CA. Is it possible to prevent 
> PEAP-TLS with a cert but allow PEAP? If so, what config options do I 
> need to add and where?


> I've read several posts about this and none have been helpful.

In the current version of the server, I think this is hard. It may be easier in the HEAD / 3.0 code.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list