EAP-TLS and EAP-TTLS problem in my config

Riccardo.Veraldi Riccardo.Veraldi at fi.infn.it
Fri Jan 13 10:22:32 CET 2006


Hello,
I need to authenticate users with EAP-TTLS but I do not
want at hte same time users who has a certificate to being able to use it
to authenticate themself. I have seen that to enable eap-ttls also eap-tls
modue need to be configured in eap.conf
everyhing works with EAP-TTLS, but users can authenticate with EAP-TLS 
also using a personal certificate.
I want to forbid authentication via EAP-TLS with the certificate, and 
allow only EAP-TTLS
how can I do it ?
I Was not able to find a solution unless to list all the login name of 
the users
in the users file, but this is not very scalable... I would like to do it
with a DEFAULT stanza but was unable to achieve what I need
thank you very much

Rick




More information about the Freeradius-Users mailing list