Bruno Quintas <[EMAIL PROTECTED]> wrote: > What changes should i do in the server to change the current setup > EAP-TLS to EAP-TTLS? > Based on the documents eap.conf: > > default_eap_type = ttls in eap section > comment tls and uncomment ttls?
The howto's say that you need TLS to do TTLS. After that, setting "default_eap_type = ttls" helps, but it's not strictly necessary. > The purpose of using ttls is to eliminate the need for client > certificates. I have read in several articles (which considered this to > be the main advantage over eap-tls), but all the howtos i've seen - > including secure2w ttls client assume the existence of client certificates. TTLS can use client certificates, but it doesn't require them. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html