Why exactly do you want to do this instead of using standardized EAP- 
TLS?  You'll have to write your own code upates to FreeRADIUS, and I  
know of *no* supplicants that will operate in this fashion.  Seems  
like a lot more trouble than using what's already there, especially  
when you get into situations like where the certificate won't fit  
into one EAPOL packet, which is constrained by the MTU.


On Mar 7, 2007, at 12:53 PM, Diameter K wrote:

> Hi All,
>        I want to configure free-radius to handle a simple EAP  
> described below.
> 1. Radius receives a IDENTITY message. The IDENTITY message  
> contains a encrypted certificate.
> 2. The server decrypts and validates the Certificate and send out a  
> EAP-Success or EAP-Failure.
> Is there any way i can configure freeradius to achieve this flow or  
> would i have to modify the code.  As i understand the standard  
> flows are much more complicated(with challenge), which i dont want.
> Thanks & Regards,
> Shiv
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ 
> users.html

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to