EAP-TTLS with phase2="autheap=TLS" ?
Andrea G Forte
andreaf at cs.columbia.edu
Tue Feb 7 17:56:52 EST 2006
I am confused by the example in the supplicant config file. In particular:
# WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner
# Phase1 / outer authentication
anonymous_identity="anonymous at example.com"
# Phase 2 / inner authentication
* phase2="autheap=TLS" *
It seems not to be a standard mode (phase2="autheap=TLS"). Earlier in
the config file:
# phase2: Phase2 (inner authentication with TLS tunnel) parameters
# (string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or
# "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS)
# Following certificate/private key fields are used in inner Phase2
# authentication when using EAP-TTLS or EAP-PEAP.
there is no mention of this other mode. Also, freeradius does not
support it (unless I have done something wrong) saying that TLS inside a
TTLS tunnel is not possible.
Am I doing something wrong in the configuration os is the above example
in the config file a typo?
More information about the HostAP