two factor authentication mschapv2 and eat-tls
Alan DeKok
aland at deployingradius.com
Sun Sep 11 15:42:05 CEST 2016
On Sep 11, 2016, at 2:59 AM, stefan nowak <pionartest at gmail.com> wrote:
> Is it possible to setup two factor authentication with use mschav2 and eap-tls?
That's called PEAP.
> My concept is:
> first step is use eap-tls to check if user have valid certificate if
> yes then next should appear prompt with user and password(mschapv2)
> where check data from Active Directory server. User should get access
> only in case when all two steps will success .
>
> Is it possible to do with freeradius 3.x?
Is it possible with Windows?
No?
Then it's impossible.
Even if it was possible with FreeRADIUS, nothing else in the network will support this authentication mechanism.
Alan DeKok.
More information about the Freeradius-Users
mailing list