Jonathan D. Proulx wrote: > using 1.1.7 (forgive me) And we say... upgrade. :) It will make solving this problem easier.
> I have EAP-TTLS working from the files module and I have krb5 > athentication working with ldap authorization fro radtest, but when I > try EAP-TTLS as an ldap user I fail to connect, and the sever never > seems to try the krb5 module. You will need to put something like this in the "users" file: DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Auth-Type := Kerberos > Before I start pulling my hair out is even possible? Yes. IF the inner tunnel session contains a cleartext password. CHAP won't work, and neither will MS-CHAP. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
