EAP-TTLS/EAP-TLS hostap configuration

[Jouni Malinen]

On Mon, Nov 28, 2011 at 01:32:37PM +0000, Mr Dash Four wrote:
> 1) Should I at least assume that if I use hostapd as RADIUS, 
> EAP-TTLS/EAP-TLS is supported, but only if I use one set of ca, server 
> and user certificates/key?; and

Yes.

> 2) If I do *not* use hostapd as authentication server (and use external 
> RADIUS instead), wish to perform EAP-TTLS/EAP-TLS authentication, use 
> two pairs of ca, server and user certificates/key then I presume all 
> negotiations between the (wireless) client and RADIUS are passed to 
> RADIUS by hostapd, thus allowing authentication process to be concluded, 
> is that correct (I am also assuming that hostapd is installed on the 
> AP/NAS)?

Yes.

-- 
Jouni Malinen                                            PGP id EFC895FA