17 Mar
2009
17 Mar
'09
5:43 a.m.
Josh Hiner wrote:
I want to make it so that users who use eap-peapv0 have to be in the wireless group to logon. I have this set in the users file: DEFAULT Called-Station-Id =~ "CCISD-REMC1", Group != "wireless", Auth-Type := Reject
This works great buuut I have successfully setup eap-tls. What is the appropriate way to continue to limit users to be in the wireless group to connect?
The above "users" file entry should be a good start.
I have the common name of the certificate set to the users login so if a user logs in with the username "josh" then that is the common name of the certificate. Will Freeradius use this same username to check against the wireless group?
It will use the User-Name in the Access-Request packet. Alan DeKok.