On Mon, 2 Aug 2004, Christophe Boyanique wrote: > Kostas Kalevras wrote : > > Thanks to you and Artur Hecker for your responses that helped me. > > I chose to implement PEAP and EAP-TTLS on freeradius in order to have a > wide support for Mac OS X and Windows 2000/XP. > > As I want to use LDAP to authenticate users; I may be able to use: > - PAP > - EAP-GTC > - LDAP direct bind
That's not an authentication protocol it's just a way of implementing an authentication protocol (like PAP,CHAP,MS-CHAP). > > From the point of view of the supplicant, what is the protocol to use > inside PEAP or EAP-TTLS in order to make freeradius do a LDAP bind ? And > will this protocol be handled by Mac OS X and Windows 2000/XP with or > without xsupplicant ? You should use PAP, that's the protocol which will send clear text passwords which can be used for an ldap bind > > It seems that SecureW2 implements EAP-TTLS+PAP. Yes it does. > > I found documentations saying that Windows XP handles PEAP but I didn't > find what protocols inside PEAP are supported (and MSCHAPv2 does not do > it as passwords are crypted in the LDAP). PEAP is protected EAP. So you 're mostly stack with MSCHAPv2. Use EAP-TTLS instead. > > About Mac OS X, it is suppposed to handle PEAP and EAP-TTLS but I have > the same problem: no mention about "inside" protocols. > > Does anyone has some informations about that ? > > Thanks again for your help, > > Christophe. > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
