EAP-TTLS with phase2="autheap=TLS" ?
Andrea G Forte
andreaf
Tue Feb 7 14:56:52 PST 2006
I am confused by the example in the supplicant config file. In particular:
# WPA-EAP, EAP-TTLS with different CA certificate used for outer and inner
# authentication.
network={
ssid="example"
key_mgmt=WPA-EAP
eap=TTLS
# Phase1 / outer authentication
anonymous_identity="anonymous at example.com"
ca_cert="/etc/cert/ca.pem"
# Phase 2 / inner authentication
* phase2="autheap=TLS" *
ca_cert2="/etc/cert/ca2.pem"
client_cert2="/etc/cer/user.pem"
private_key2="/etc/cer/user.prv"
private_key2_passwd="password"
priority=2
}
It seems not to be a standard mode (phase2="autheap=TLS"). Earlier in
the config file:
# phase2: Phase2 (inner authentication with TLS tunnel) parameters
# (string with field-value pairs, e.g., "auth=MSCHAPV2" for EAP-PEAP or
# "autheap=MSCHAPV2 autheap=MD5" for EAP-TTLS)
# Following certificate/private key fields are used in inner Phase2
# authentication when using EAP-TTLS or EAP-PEAP.
there is no mention of this other mode. Also, freeradius does not
support it (unless I have done something wrong) saying that TLS inside a
TTLS tunnel is not possible.
Am I doing something wrong in the configuration os is the above example
in the config file a typo?
Thank you,
Andrea
More information about the Hostap
mailing list