Radius Testing. EAP-TTLS, (GTC - PAP) SSHA Password

Alan DeKok aland at deployingradius.com
Wed Mar 28 14:23:57 CEST 2018

On Mar 28, 2018, at 8:19 AM, Mitch Sullivan <mitch.sullivan at swarm64.com> wrote:
> Thanks Allan. I'm such a goose.
> Its working now.

   There's a lot in the debug output, so reading it is sometimes hard.  But the answers are there, 99% of the time.

> The self signed certificates will work for all common clients. E.G Windows 10 and Android Phones? I guess I'll find out as I test. Everything works fine for apple devices.


> Is this my best possible outcome, or is there are better / more secure recommendation?

  If possible, I'd use EAP-TLS instead of TTLS.  That avoids all issues with passwords being on end devices.  But the certificate management can get complex.

  Alan DeKok.

More information about the Freeradius-Users mailing list