On 07/17/2012 11:15 AM, Sudhir Harwalkar wrote: > Does EAP-FAST and EAP-TTLS require USERNAME and Password for > authentication or only Username is sufficient.
The answer depends on the inner authentication protocol. With EAP-TTLS you can use PAP (EAP-TTLS/PAP) where you can accept any password without checking it. EAP-TTLS/EAP-GTC should also do the same. With EAP-FAST you can do EAP-FAST/EAP-GTC, I'm not sure if EAP-FAST/PAP is supported. EAP-TTLS with MSCHAPv2 will not work. The v2 part in MSCHAPv2 requires the server to prove it has access to the user's password. If the server can not do this, the client refuses to continue the authentication process. Thanks, Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
