Authorized MAC users stopped authenticating
aland at deployingradius.com
Thu Jan 4 21:01:07 CET 2018
On Jan 4, 2018, at 2:50 PM, R.Geller <rg1 at robertgeller.net> wrote:
>> Configure EAP-TLS, and disable all other EAP types.
> How/Where would I do that?
EAP methods are configured in raddb/mods-available/eap. So... edit that.
All of this is documented there.
> Also, from what I gathered in the readme for the client cert, the
> commonName field is the User-Name that will be used for logins... If the
> cert is used for authentication, do I just need an entry for the user with
> Auth-Type := Accept. I'm not sure what the users entry should look like
> for EAP-TLS
You don't need to accept the user. Authenticated users are accepted already.
More information about the Freeradius-Users