Mutual TLS authentication in handshake phase of EAP-TTLS
Thu Feb 25 03:42:11 PST 2010
apologies if this question has been answered elsewhere - I looked but
couldn't see anything, even in the "Mutual EAP-TTLS Authentication"
I am currently looking at the eapol_test code to see if I can use it as
a RADIUS client. I have ran eapol_test with various EAP-TLS and EAP-TTLS
configuration files, testing successfully with a freeRADIUS server.
Looking at the EAP-TTLS RFC 5281, I have read the following:
In EAP-TTLS, the TLS authentication may be mutual; or it may be one-way,
in which only the server is authenticated to the client.
My question is, does eapol_test currently allow mutual TLS
authentication for EAP-TTLS? If so, how do I configure it (or the
configuration files) to do so? I believe the tunnelled protocol can also
be TLS but I want to avoid this as I need to have the ability to verify
users rather than the client (e.g. by doing user/password checks).
I'd appreciate any help you can give.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Hostap