TLS authentication works, but does not check usernames against 'users'file.
Nolan King
nking at mnwd.com
Wed Dec 1 18:11:03 CET 2010
It is easier for me to put explicit denies in the users file when authenticating with TLS. By default anyone with a valid cert gets in. See also certificate revocation list
>>> Andrew Bovill <abovill at gmail.com> 11/30/10 7:56 AM >>>
Hi,
I'm trying to get WPA Enterprise EAP/TLS working with my wireless
router. It appears that the TLS portion of the authentication works
(valid certificates give me a working connection) but it does NOT appear
to actually be checking the username/password combination that is also
sent along the line.
I have followed the WPA_HOWTO as best I could (my clients are OS X and
Android and Gentoo, not Windows XP) but I can't figure out how to 'fail'
an auth attempt with an invalid user/pass combination.
Here is the debug output:
Thanks for any advice. I didn't want to start reconfiguring with a
shotgun :)
<snip>
More information about the Freeradius-Users
mailing list