3 Aug
2012
3 Aug
'12
4:06 p.m.
Klaus Klein wrote:
I'm working on securing the access to a WLAN network with WPA2-Enterprise, EAP-TLS and a FreeRADIUS server.
Which uses certificates for authentication.
Everything seemed to work as expected until realized that a client will be authenticated (by eap) even if the user(name), provided with the mandatory "identifier" entry in wpa_supplicant.conf, doesn't exist in the users file.
That's how EAP-TLS works.
To verify this I used the unedited 'default' users file provided with the FreeRADIUS package and the user/name 'FooBar'. Is that meant to be like this or do I miss something?
That's how EAP-TLS works. Alan DeKok.