Dave Mussulman <[EMAIL PROTECTED]> wrote: > Do people commonly tunnel MD5 over TTLS? Or something else -- > password auth?
Yes, and yes. TTLS can support any authentication method supported by RADIUS. > What software supports this? See the list archives (or posts earlier today) for pointers to a free client for XP. > Is anyone working on PEAP support native in FreeRADIUS? There was a patch posted to the freeradius-devel list a few days ago. It may work. > I still think PEAP is a better route, without having to put any > certificate on the user machine, but I guess that's not an option right > now. XP comes with a PEAP client. That is the *only* reason to prefer PEAP over TTLS. In all other aspects, TTLS is light-years better. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html