EAP-TLS reject if CN not in MySQL
Ben Dowling
bendowling at lineone.net
Sat Sep 24 20:22:08 CEST 2005
Hi,
I have freeradius-1.04 configured with MySQL using EAP-TLS and PEAP for
authentication. I wish to reject users whose common name (CN) is not
included in the MySQL database. I have read the thread regarding this
exact problem at:
http://lists.cistron.nl/pipermail/freeradius-users/2004-May/032110.html
and it seems I need to set the DEFAULT profile to reject. I don't quite
understand the thread though, is this the DEFAULT profile in the users
file, or can I configure this in MySQL. Either way, could someone please
provide me with an example of what the DEFAULT profile entry should look
like in order to achieve this?
Thanks for the help,
Ben Dowling
More information about the Freeradius-Users
mailing list