If you have a policy that users can gain access only from a registered mac address, revoke the certificates for all the users that didn't comply. In 2.0 you can reject them with unlang. Ivan Kalik Kalik Informatika ISP Dana 2/6/2008, "Wolfgang Burger" <burgerw@immunbio.mpg.de> piše:
Thank you for your answer, Ivan.
Am 02.06.2008 um 13:11 schrieb Ivan Kalik:
Are passwords also coming from passwd module?
No.
If they are then there is no problem. If user is not found he won't have a password and will be rejected by default.
Ivan Kalik Kalik Informatika ISP
That's right. But I am using EAP-TLS. The passwd module is only used to add an attribute that I use for additional MAC filtering.
Best regards
Wolfgang Burger
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html