Marcelo Augusto Rodrigues Pimentel wrote:
> OK. But I´m trying to use peap to make an encrypted tunnel validating the
> server certificate and then I want to authenticate the clients whith EAP-TLS
> using client/server certificate. The TLS tunnel is working fine, but the
> second part of EAP-TLS authentication not.
What second part of EAP-TLS? The server supports authenticating via
client certificates, and nothing else.
> So .... in the peap section in the eap.conf, what I´ve to configure for
> default eap type? Is tls ?
No. You can leave it alone. It's fine.
> If I configure tls, I´ve to create a tls section in the peap section or the
> tls section of the eap.conf is enough. I´ve attached my eap.conf file.
If you want to use just TLS, you don't need the PEAP section. If you
want to use PEAP, you need the TLS section. The comments in the
"eap.conf" file explain this.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html