eap/tls access-accept without existing user?
Markus Krause
krause at biochem.mpg.de
Fri Aug 12 00:07:51 CEST 2005
hi all!
first what i am using:
- freeradius 1.0.4 (on debian sarge, package built with -disable-shared)
- mac os x 10.3.9
- self-signed certificates built in a similar way than the ones in the
package/tarball (just adapted the CA.certs script)
my users file contains in addition to the unchanged standard the following
lines:
---8< users 8<---
testuser1 User-Password == "testing"
testuser2 Auth-Type := Local, User-Password == "testing"
--->8 users >8---
the only changes i made in the configuration file radiusd.conf is to comment out
"suffix", in eap.conf i uncommented the section with tls and ttls
when trying to establish a connection from the mac powerbook using 802.1x and
client certificate i get a working connection if i enter anything but
"testuser2", even a wrong password or no pasword or username at all works! with
"testuser2" i get an error and no connection.
where am i missing the point?
thanks in advance for any hint!!
markus
--
Markus Krause email: krause at biochem.mpg.de
Computing Center Tel.: 089 - 89 40 85 99
Group Lottspeich / Proteomics Fax.: 089 - 89 40 85 98
---------------------------------------------------------------------
This message was sent using https://webmail.biochem.mpg.de
If you encounter any problems please report to rz-linux at biochem.mpg.de
More information about the Freeradius-Users
mailing list