4 Jan
2018
4 Jan
'18
3:01 p.m.
On Jan 4, 2018, at 2:50 PM, R.Geller <rg1@robertgeller.net> wrote:
Configure EAP-TLS, and disable all other EAP types.
How/Where would I do that?
EAP methods are configured in raddb/mods-available/eap. So... edit that. All of this is documented there.
Also, from what I gathered in the readme for the client cert, the commonName field is the User-Name that will be used for logins... If the cert is used for authentication, do I just need an entry for the user with Auth-Type := Accept. I'm not sure what the users entry should look like for EAP-TLS
You don't need to accept the user. Authenticated users are accepted already. Alan DeKok.