EAP-TLS + username/password

João Alves j__andre at hotmail.com
Mon Oct 27 10:01:47 CET 2014


Hello,I currently have a freeradius setup where the client authenticates using username/password. My goal is to authenticate the user using a client certificate (using EAP-TLS), however, I would still like to maintain the username/password authentication. Preferably the flow would be something like this:1.User authenticates to radius_server_1  using EAP_TLS2.radius_server_1 after authenticating the client (and only if authentication is sucessful) forwards a request to radius_server_2 with the client username/password3.radius_server_2 authenticates clientSo only if both radius_server_1 and radius_server_2 authenticate the client is the client granted access.The flow doesn't necessarily need to be like the one above, I am open to suggestions, I'm not really sure what is possible and what isn't and would like to know my options. 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141027/db9eb529/attachment.html>


More information about the Freeradius-Users mailing list