On 29 Jun 2006, at 17:23, Rainer Brinkmann wrote:
Hello,
we wonder, how a freeradius can request a client to use a fixed EAP-
Method:
so its defined:
Client starts with EAP-Start-Msg
Radius wants EAP-Identity
Client answers with Username or Hostname NOT using a special EAP-
Method
Radius now starts communiucating with the first EAP-Packet, using the
special EAP-Method
Question:
you run in your wireless LAN many SSIDs:
SSID1 shall use EAP-TTLS
SSID2 shall use EAP-TLS (high-secured Net like personal Data)
I'd personally question the assumption that TLS is any more secure
than TTLS, but if you want to do this it is probably easiest to have
a single SSID, and allocate a VLAN dynamically depending on whether
they've used TTLS or TLS.
josh.
what logic starts the right inner-EAP-Protocol, cause neither the
AccessPoint(WLAN-Controller), nor the
radius server know, what Method to use, when there are many enabled.
e.g. on a cisco-Radius, that runs with enabled PEAP and TLS, but
there's no
special attribute defined to control that
thanks for reply,
Rainer Brinkmann
University-Clinicum Hamburg / Germany
- List info/subscribe/unsubscribe? See http://www.freeradius.org/
list/users.html
Josh Howlett, Networking Specialist, University of Bristol.
email: [EMAIL PROTECTED] | phone: +44 (0)7867 907076 |
internal: 7850
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
