Salted SHA512

Stefan Paetow Stefan.Paetow at
Mon Sep 5 12:32:46 CEST 2016

> Hmm, not sure where to look. It seems both OpenVPN and StrongSwan send EAP requests to FreeRADIUS, but from when I can see, EAP only supports MD5 and Crypt? Does that mean I should change it to PAP instead of EAP?

Do StrongSwan and OpenVPN allow you to set the inner authentication method for EAP, i.e. EAP-TTLS/EAP-GTC or EAP-TTLS/EAP-MSCHAPv2 (outer/inner)? If you can, configure your EAP-TTLS or EAP method to use GTC (Generic Token Card), which in FreeRADIUS is set up to use PAP. Of course, if they allow you to set PAP as the inner, you can go straight to PAP in the inner tunnel :-)

Stefan Paetow
Moonshot Industry & Research Liaison Coordinator

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at
skype: stefan.paetow.janet

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list