PEAP / EAP-TLS
aland at deployingradius.com
Wed Dec 2 00:25:14 CET 2020
On Dec 1, 2020, at 6:08 PM, Matthew Newton <mcn at freeradius.org> wrote:
> That's my site ;-P
Then it's perfect and magical. :)
> The info there is about the only place on the web that describes how PEAP/EAP-TLS works, or at least it was when written. It is old now, but the config still looks pretty correct. As it says, it's the fragment_size thing that actually matters.
>>> Can someone provide a working config for PEAP/EAP-TLS?
> Honestly, why? There's no point now unless you want to slow your authentication down by adding more round trips. The first paragraph on the site says as much.
> Microsoft have removed SoH from Windows 10. There's about no other reason I can think of to do both PEAP and EAP-TLS.
> Just use EAP-TLS on its own. It's simpler, and faster.
More information about the Freeradius-Users