User Authenticated even when username not given in USERS file (EAP-TLS)

Prateek Kumar er.prateek87 at gmail.com
Wed Mar 28 18:01:16 CEST 2012


Thanks Alan

On Wed, Mar 28, 2012 at 9:25 PM, Alan DeKok <aland at deployingradius.com>wrote:

> Prateek Kumar wrote:
> > I am using EAP-TLS for authentication, USERs are getting authenticated
> > even when I have not defined the user in USERS file.
>
>   That's how EAP-TLS works.  You issued a client certificate.
> Possession of the client certificate means that the user is authenticated.
>
> > 1. Is this behavior normal.
>
>   Yes.
>
> > 2. Should I have to use DEFAULT Auth-Type := Reject at the end of users
> > file ?
>
>   No.
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120328/03dd72f1/attachment.html>


More information about the Freeradius-Users mailing list