EAP-TTLS

[José Luis Solano]

hi all!!!!!!!!!!     I'm going to use TTLS with my freeRadius 0.8.1. I have used TLS already and it run ok, but now I need TTLS too. Currently my code in radius.conf is:   ------------------------------ # Extensible Authentication Protocol         #         #  For all EAP related authentications         eap {                 # Invoke the default supported EAP type when                 # EAP-Identity response is received                 default_eap_type = tls                   # Default expiry time to clean the EAP list,                 # It is maintained to co-relate the                 # EAP-response for each EAP-request sent.                 timer_expire     = 60                   # Supported EAP-types                 #md5 {                 #}                   ## EAP-TLS is highly experimental EAP-Type at the moment.                 #       Please give feedback on the mailing list.                 tls {                         private_key_password = izadisan                         private_key_file = /usr/local/openssl/ssl/certs/server/server.pem                   #       If Private key & Certificate are located in the                 #       same file, then private_key_file & certificate_file                 #       must contain the same file name.                         certificate_file = /usr/local/openssl/ssl/certs/server/server.pem                   #       Trusted Root CA list                         CA_file = /usr/local/openssl/ssl/certs/ca/ca.crt                           dh_file = /usr/local/openssl/ssl/certs/dh                         random_file = /usr/local/openssl/ssl/certs/random                 #                 #       This can never exceed MAX_RADIUS_LEN (4096)                 #       preferably half the MAX_RADIUS_LEN, to                 #       accomodate other attributes in RADIUS packet.                 #       On most APs the MAX packet length is configured                 #       between 1500 - 1600. In these cases, fragment                 #       size should be <= 1024.                 #                         fragment_size = 600                   #       include_length is a flag which is by default set to yes                 #       If set to yes, Total Length of the message is included                 #       in EVERY packet we send.                 #       If set to no, Total Length of the message is included                 #       ONLY in the First packet of a fragment series.                 #                         include_length = yes                 }         } ---------------------------------------------------------   What changes I need if I want authentacation with TLS AND TTLS. Anybody could to help me please???   Thanks a lot in advance!!!!!!       ------------------- A litle question: Anybody use XSupplicant client with TLS and TTLS?     José Luis Solano SGI - Soluciones Globales Internet S.A. Delegación Regional Sur [EMAIL PROTECTED] (+34) 954.088.060