Authentication types implemented in example configuration:

PAP			proxied PAP, or via local DB (cleartext or hashed)
CHAP			proxied CHAP, or via local DB (cleartext)
EAP/EAP-MD5-Challenge	proxied EAP, or using CHAP (see above)
    EAP-MSCHAPv2	proxied EAP, local DB (cleartext) or ntlm_auth
    EAP-TLS		proxied EAP or local cert verification + optional DB ACL
    EAP-TTLSv0/PAP	proxied EAP or using PAP (see above)
    	       CHAP	proxied EAP or using CHAP (see above)
    PEAPv0(MS)/EAP-MD5-Challenge	proxied PEAP or using EAP-MD5-Ch (see  )
     	       EAP-MSCHAPv2		proxied PEAP or using EAP-MSCH.2 (above)

The following types can be done by adding some behaviour file logic:

MSCHAPv2		proxied MSCHAPv2, via local DB (cleartext) or ntlm_auth
.../EAP-MSCHAPv2	using MSCHAPv2
EAP/EAP-TTLSv0/MSCHAPv2	
	       EAP-TLS			) TTLS-tunneled EAP
	       EAP-MD5-Challenge
	       EAP-MSCHAPv2

EAP/PEAP/EAP-TLS			) EAP-TLS as PEAP type

Todo:

TTLSv1
