Hi,
It will mean that you will need to change your clients to get it working (installing a different supplicant rather than the standard windows one), and that the clients will talk to the access point over SSL (TTLS) but since it's using PAP the password is sent not hashed or encrypted. So then when the NAS (Wireless access point) talks to FreeRadius and sends the password not encrypted or hashed.
Uh, that last part is not true. The NAS doesn't see or transmit any passwords in the clear. The TLS tunnel spans from the client to the RADIUS server. The RADIUS server will then see the clear-text password, *no one else*. It's a popular urban legend that TTLS sends clear text passwords, but it's not true.
Stefan -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
