[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Enabling EAP-TTLS-PAP for wired usage
From: Matthew Newton <mcn () freeradius ! org>
Date: 2022-06-15 18:04:45
Message-ID: 965de170-d453-6a3f-5805-b63fd29c5b68 () freeradius ! org
[Download RAW message or body]
On 15/06/2022 18:53, Florent Vercourt wrote:
> I'm currently setting up a freeradius, and i would need some information on how to \
> setup EAP-TTLS-PAP for a wired usage. Users will be identified via an LDAP database \
> on the accounting will by via MySQL.
OK, that sounds fairly normal.
> I already understood how works EAP-TTLS and how to set it as the default_eap_type, \
> but it is mainly for the PAP part, do i have to configure it myself in \
> /etc/raddb/mods-enabled/eap in the ttls section, if so, what do i have to activate \
> ? , or is it default-activated without having to configure it, otherwise where do i \
> have to configure it ?
mods-enabled/eap just handles the EAP (TTLS) part. The inner encrypted
data (PAP in your case) then passes through the "inner-tunnel" virtual
server. Yes it's enabled by default.
See raddb/sites-enabled/inner-tunnel
Configure ldap and pap in there and you should be good to go.
> Could i communicate in PAP with my MySQL database, or do i have to authorize \
> another protcol of communication ?
You would configure mysql (mods-enabled/sql) and then call "sql" where
needed - presumably in sites-enabled/default in the accounting section.
--
Matthew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic