7 Jan
2010
7 Jan
'10
8:52 a.m.
Vieri wrote:
I setup freeradius to accept authentications using PEAP-MSCHAPv2 with client certificates via "EAP-TLS-Require-Client-Cert = Yes".
However, clients who authenticate via EAP-TLS also succeed.
How can I reject all auth types except PEAP-MSCHAPv2 with "EAP-TLS-Require-Client-Cert = Yes"? (ie. I require both client certificates and username/password.)
Put this in the "users" file: DEFAULT EAP-Type == EAP-TLS, Auth-Type := Reject Alan DeKok.