13 Dec
2007
13 Dec
'07
4:58 a.m.
Hangjun He wrote:
And I use EAP-TLS and with correct certs. Even if I set wrong username in Odessey Client, freeRADIUS will return success.(check_cert_cn not set).
EAP-TLS authenticates users based on certificates. It ignores the user name.
Can I let freeRADIUS to check if username in the users file or other database? If not, reject user.
Yes. Configure that: bob Auth-Type := Reject Alan DeKok.