Mario Alberto Cruz Gartner <[EMAIL PROTECTED]> wrote: > So.. no certificates will be needed on the clients? First must be > open a TLS tunnel, so i think that still need the certificates.
No. You need a server certificate, but not client certificates. > -What is "rlm_eap: EAP NAK"? You configured the server to do TLS by default. The client wants to do TTLS, so it NAK'd TLS, and asked for TTLS. > -It says: "TLS_accept:error in SSLv3 read client certificate A" But > the client had the certs installed already (TLS works fine!). It means there's no client certificate. There's no problem. > -Is there another guide (maybe a little updated?) for a EAP/TTLS with > FreeRadius? Configure TLS & get it working. After that, doing TTLS should just be a matter of configure TTLS in eap.conf. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html