Alan DeKok said: > It is impossible to use CHAP to authenticate to AD. You MUST use > MS-CHAP, or PAP.
When testing my Radius server with AD and XSupplicant I found that EAP-TTLS with MD5 inner auth and EAP-MD5 as well as EAP-TTLS with CHAP inner auth all failed. So you have explained why EAP-TTLS (CHAP) fails, thanks! So, is EAP-MD5 and EAP-TTLS (MD5) not possible also, or is my Radius config broken? --------------- Barry Dean Networks Team - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html