Cross platform secure login on wpa2

A.L.M.Buxey at A.L.M.Buxey at
Thu Dec 15 11:04:27 CET 2016


> What is the recommend configuration to allow users on multiple OS/mobile
> use WPA2-Enterprise using only user/pass to securely connect use user/pass
> that is authenticated against using
> kerberos

if using kerberos, then thats needing PAP in the inner.... so, keep the default
config for the outer - eap will be active and thus the EAP-TTLS will be setup.

then, in the INNER tunnel, you will need to ensure that PAP is being used...and
in this case, the server will need to be told to do kerberos..... however, for

in authorize:

			update control {
				&Auth-Type := kerberos

in authenticate:

	Auth-Type kerberos { 

or somesuch....since we moved to 3.x code we moved our kerberos to LDAP instead.


More information about the Freeradius-Users mailing list