eap {
  md5 {
  }
  default_eap_type = ttls
  tls {
    private_key_file = /etc/raddb/certs/aaaKey.pem
    certificate_file = /etc/raddb/certs/aaaCert.pem
    CA_file = /etc/raddb/certs/strongswanCert.pem
    cipher_list = "DEFAULT"
    dh_file = /etc/raddb/certs/dh
    random_file = /etc/raddb/certs/random
  }
  ttls {
    default_eap_type = md5
    use_tunneled_reply = yes
    virtual_server = "inner-tunnel"
  }
}