Nic Bernstein <[EMAIL PROTECTED]> wrote: > I can see from the comments in the radiusd.conf file how to tell the > radius server where to find which certificate(s) to use for EAP/TLS > operation, but how does one specify what certificate to use for (the > initial TLS phase of) the EAP/TTLS operation?
It uses the TLS certificates, as configured in the TLS module. > When using LDAP for authentication, passwords are not necessarily in > clear text. Am I to understand the above to mean that I must store my > passwords in LDAP in clear text for EAP to work? For EAP-MD5, and EAP-TTLS with tunneled CHAP, MS-CHAP, and EAP-MD5. > If anyone is successfully using EAP/TTLS, especially in concert with > LDAP, I would certainly appreciate some configuration examples. You shouldn't have to do anything special to get TTLS working with LDAP. Get LDAP working, uncomment the TTLS module, and the tunneled authentication request will use the pre-existing LDAP configuration. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
