+# -*- text -*-
#
# Whatever you do, do NOT set 'Auth-Type := EAP'. The server
# is smart enough to figure this out on its own. The most
# http://www.dslreports.com/forum/remark,9286052~mode=flat
#
#tls {
- # private_key_password = whatever
- # private_key_file = ${raddbdir}/certs/cert-srv.pem
+ private_key_password = whatever
+ private_key_file = ${raddbdir}/certs/cert-srv.pem
# If Private key & Certificate are located in
# the same file, then private_key_file &
# certificate_file must contain the same file
# name.
- # certificate_file = ${raddbdir}/certs/cert-srv.pem
+ certificate_file = ${raddbdir}/certs/cert-srv.pem
# Trusted Root CA list
# CA_file = ${raddbdir}/certs/demoCA/cacert.pem
# as that is the default type supported by
# Windows clients.
# default_eap_type = mschapv2
+
+ # the PEAP module also has these configuration
+ # items, wjocj are the same as for TTLS.
+ # copy_request_to_tunnel = no
+ # use_tunneled_reply = no
+
+ # When the tunneled session is proxied, the
+ # home server may not understand EAP-MSCHAP-V2.
+ # Set this entry to "no" to proxy the tunneled
+ # EAP-MSCHAP-V2 as normal MSCHAPv2.
+ # proxy_tunneled_request_as_eap = yes
+
#}
#