We are trying to configure freeradius-snapshot-20030911 to use EAP/TTLS
with LDAP (OpenLDAP 2.0.27). I have a few questions, however.
I can see from the comments in the radiusd.conf file how to tell the
radius server where to find which certificate(s) to use for EAP/TLS
operation, but how does one specify what certificate to use for (the
initial TLS phase of) the EAP/TTLS operation?
Also, the file doc/rlm_eap states:
The radius server needs a plaintext password so that it can perform
the same one-way hash to determine that the password is correct.
When using LDAP for authentication, passwords are not necessarily in
clear text. Am I to understand the above to mean that I must store my
passwords in LDAP in clear text for EAP to work?
If anyone is successfully using EAP/TTLS, especially in concert with
LDAP, I would certainly appreciate some configuration examples.
Thanks in advance,
-nic
--
Nic Bernstein [EMAIL PROTECTED]
Onlight llc. www.onlight.com
757 North Water Street v. 414.272.4477
Milwaukee, Wisconsin 53202 f. 414.290.0335
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
