Trouble With Eap-TTLS - PAP - LDAP - Azure AD DS
Sven Hartge
sven at svenhartge.de
Fri Dec 11 21:23:59 CET 2020
On 11.12.20 20:06, Bryce Long wrote:
> I was just now reading from another post that I only really have 2 choices:
> I either have to store the passwords somewhere for mschap to work or I have
> to set the server to use ttls and pap?
First choice: Yes, the one with the most compatibility.
Second choice: Problematic. The Client drives the conversation and if
the Client says "I wann do PEAP-MSCHAPv2!" then there is nothing the
RADIUS server can do to convince him otherwise.
Since PEAP-MSCHAPv2 is still the most compatible protocol for WiFi you
really have no other choice than the first choice.
Unless you want to drown in support requests. (Ask me how I know.)
Grüße,
Sven.
More information about the Freeradius-Users
mailing list