Autz-Type New-TLS-Connection only available when using TLS 1.3
Alan DeKok
aland at deployingradius.com
Thu Feb 22 10:43:47 UTC 2024
On Feb 22, 2024, at 5:35 AM, Fadrný Jaroslav <Jaroslav.Fadrny at k-net.cz> wrote:
>
> Thanks for the reponse. Is There anything, what I should change on radius side? Could be problem with APs itself? Iam not using any certificate on server side, APs just support PAP auth method.
No.
The APs will usually support two kinds of user authentication:
1) admin login to the AP itself. This is often PAP
2) user login to WiFi. This is never PAP, but is instead EAP.
The logs clearly shows FreeRADIUS receiving EAP.
In order for user logins to work to the AP, you have to configure EAP on the server. There are many, many, pages of documentation on how to do that. See the default configuration files which come with the server. See also the Wiki.
You CANNOT use PAP to authenticate users for WiFi. It's impossible.
You MUST configure EAP. This means that you need certificates, and then configure FreeRADIUS to use the certificates.
Alan DeKok.
More information about the Freeradius-Users
mailing list