Not restricting access to indicated huntgroup-name

Jenny Ngo Gui jenny.ngogui at
Wed Oct 11 04:02:07 CEST 2006

I don't know why, but for some reason, when the eap.tls.cn_check
option in rad.conf is set to 0 (off), it could not restrict the access
of users as stated in the users and huntgroups file.

Despite the fact that certain users are set such that it would only be
able to connect through one specific AP (Huntgroup-name = "Buffalo",
as opposed to the other one having Huntgroup-name = "Cisco"), it seems
to bypass this restriction when the eap.tls.cn_check option is turned

I'm not sure if this is a problem with freeradius, so I hope someone
could shed some light on this matter..


More information about the Freeradius-Devel mailing list