Wireless network: WindowsXP supplicant, EAP-TLS and computer certificates.
Lev A. Serebryakov
lev at serebryakov.spb.ru
Fri May 12 12:38:09 CEST 2006
I try to use FreeRADIUS for building 801.1X EAP-TLS authorization. I
want to use only computer certificates (not user ones) on WinXP. such
certificates contains FQDN of client in `commonName' field.
But WinXP/SP2 sent `User-Name' in such case as `host/FQDN'. And
checking of commonName fails.
How can re-map such `User-Names'? I've tried to create realm with
LOCAL mapping, but it doesn't help much :(
It seems, that eap-tls `xlat' user-name before check, but xlat is not
well-documented :(
--
// Lev Serebryakov
More information about the Freeradius-Users
mailing list