Kamil Jońca wrote:
I try to set up radius authentication in my WiFi network.
I want to have:
1. one user (samsung phone) should be authenticated with PEAP
2. others should be authenticated with EAP-TLS.
Give user (1) a password. Give each of the other users a client
certificate.
Done.
Naive approach is to use Auth-Type but its treated as misuse at
http://deployingradius.com/documents/configuration/auth_type.html
But example is only for ms-chap, and I don't know which attribute(?)
use to force PEAP /EAP-TLS
Any help? Am I missing something?
You're making it too complicated. There's no need to force
anything. Just configure the users, and it will work.
If you don't give the users from (2) any passwords, PEAP won't work
for them. If you don't give users from (1) any client certificates,
EAP-TLS won't work for them.
It's that simple.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html