eap/tls access-accept without existing user?

Alan DeKok aland at ox.org
Fri Aug 12 00:56:56 CEST 2005


Markus Krause <krause at biochem.mpg.de> wrote:
> when trying to establish a connection from the mac powerbook using 802.1x and
> client certificate i get a working connection if i enter anything but
> "testuser2", even a wrong password or no pasword or username at all works! with
>  "testuser2" i get an error and no connection.
> 
> where am i missing the point?

  EAP-TLS uses client certificates.  If they have a valid client
certificate, they're in.  The username doesn't matter.

  Alan DeKok.



More information about the Freeradius-Users mailing list