Freeradius eap

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

Default eap with md5

  • cat /etc/freeradius/3.0/mods-available
eap {
	default_eap_type = md5
	timer_expire     = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no
	max_sessions = ${max_requests}
	md5 {
	}
	leap {
	}
	gtc {
		auth_type = PAP
	}
	tls-config tls-common {
		private_key_password = whatever
		private_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
		certificate_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
		ca_file = /etc/ssl/certs/ca-certificates.crt
		dh_file = ${certdir}/dh
		ca_path = ${cadir}
		cipher_list = "DEFAULT"
		cipher_server_preference = no
		ecdh_curve = "prime256v1"
		cache {
			enable = no
		}
		verify {
		}
		ocsp {
			enable = no
			override_cert_url = yes
			url = "http://127.0.0.1/ocsp/"
		}
	}
	tls {
		tls = tls-common
	}
	ttls {
		tls = tls-common
		default_eap_type = md5
		copy_request_to_tunnel = no
		use_tunneled_reply = no
		virtual_server = "inner-tunnel"
	}
	peap {
		tls = tls-common
		default_eap_type = mschapv2
		copy_request_to_tunnel = no
		use_tunneled_reply = no
		virtual_server = "inner-tunnel"
	}
	mschapv2 {
	}
}

Default eap ttls

Change only this 

eap {
	default_eap_type = ttls
        ...
Abgerufen von „http://wiki.ixheim.de/index.php?title=Freeradius_eap&oldid=18026