24 Jun
2009
24 Jun
'09
2:35 p.m.
Mauro Screti wrote:
i need to authenicate in wireless network only users that use eap-tls as method, and reject the same user that try in peap.
If you're using 2.x, stop editing the "users" file, or the "huntgroup" file, and just write the policy in unlang. it will be clearer, and it is more likely to work.
DEFAULT Huntgroup-Name == wi-fi, Ldap-Group == "wifi", EAP-Type == TLS Fall-Through = No ... The fist DEFAULT should reject the request if the EAP-type is PEAP, while the second DEFAULT should accept only the request if the EAP is TLS .... i think :-))
No. The second request says "compare, and then do nothing". Alan DeKok.