10 Oct
2006
10 Oct
'06
10:02 p.m.
I don't know why, but for some reason, when the eap.tls.cn_check option in rad.conf is set to 0 (off), it could not restrict the access of users as stated in the users and huntgroups file. Despite the fact that certain users are set such that it would only be able to connect through one specific AP (Huntgroup-name = "Buffalo", as opposed to the other one having Huntgroup-name = "Cisco"), it seems to bypass this restriction when the eap.tls.cn_check option is turned off.. I'm not sure if this is a problem with freeradius, so I hope someone could shed some light on this matter.. Thanks