FreeRadius users mailing list <freeradius-users@lists.freeradius.org> on July 29, 2005 at 01:40 -0800 wrote: >>From a suggestion on the mailing list I plan on using EAP-TTLS and PAP >inner >tunnel authentication. > >The reason I'm going this route is because I want to authenticate against >linux >user accounts and the password is encrypted in /etc/shadow so the ms-chap >route >is no good since it can't work with encrypted passwords. > >How do I configure free radius to work with EAP-TTLS and PAP inner tunnel >authentication, I wasn't able to find much on the net. I'm quite a fast >learner >however.
Hi Sura, Just follow the config file comments for enabling TTLS and make it the default EAP type. Just make sure you follow the instructions here: http://rbirri.9online.fr/howto/Freeradius_+_TTLS.html for making your "random" and "dh" files -- I haven't seen this documented officially, however I have seen other instructions that *broke* our certificate use. -kb -- Kris Benson, CCP, I.S.P. Technical Analyst, District Projects School District #57 (Prince George) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html