Hello FreeRADIUS List, Thank you for all your help over the past few months. I now have a functioning FreeRADIUS server in production that only authenticates using EAP-TLS and our company's e-mail certificates. I could not have done this without you! If you guys that helped me are ever in Portland, OR. Please e-mail me and I'll buy you dinner/beer. Much Appreciated, Matthew West On Fri, Feb 17, 2017 at 1:25 PM, Matthew West <matthew.t.west@gmail.com> wrote:
OK, I was wondering why it was sending those methods and not a certificate. Thank you for verifying the output!
Matthew
On Fri, Feb 17, 2017 at 12:41 PM, Brian Julin <BJulin@clarku.edu> wrote:
Matthew West wrote:
Can someone help me interpret this output? Including only request in which a reject happens. If more is needed, I'm happy to include more information.
...
(7) eap : Peer sent method PEAP (25)
...
(7) eap : Peer sent method MSCHAPv2 (26)
...The windows supplicant is configured to use EAP-PEAP-MSCHAPv2, not EAP-TLS as you say you are trying to do. It should be reconfigured to use EAP-TLS either directly or using a group policy.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html