8. FAQ

Do not forget to check out the FAQ section of both the FreeRADIUS (highly recommended!) and Xsupplicant Web sites!

8.1. Is it possible to allow user-specific Xsupplicant configuration, to avoid having a global configuration file?
8.2. I don't want to use PEAP; can I use EAP-TTLS or EAP-TLS instead?
8.3. Can I use a Windows Supplicant (client) instead of GNU/Linux?
8.4. Can I use a Active Directory to authenticate users?
8.5. Is there any Windows Supplicant clients available?

8.1.

Is it possible to allow user-specific Xsupplicant configuration, to avoid having a global configuration file?

No, not at the moment.

8.2.

I don't want to use PEAP; can I use EAP-TTLS or EAP-TLS instead?

Yes. To use EAP-TTLS, only small changes to the configuration used in this document are required. To use EAP-TLS, client certificates must be used as well.

8.3.

Can I use a Windows Supplicant (client) instead of GNU/Linux?

Yes. Windows XP SP1/Windows 2000 SP3 has support for PEAP MSCHAPv2 (used in this document). A Windows HOWTO can be found here: FreeRADIUS/WinXP Authentication Setup

8.4.

Can I use a Active Directory to authenticate users?

Yes. FreeRADIUS can authenticate users from AD by using ntlm_auth.

8.5.

Is there any Windows Supplicant clients available?

Yes. As of Windows XP SP1 or Windows 2000 SP3, support for WPA (PEAP/MS-CHAPv2) is supported. Other clients include (not tested) Secure W2 (free for non-commercial) and WIRE1X. Funk Software also has a commercial client available.