EAP-TLS - Authenticating only certain users
Stephen Bowman
stephenbb at gmail.com
Sat Feb 17 18:02:47 CET 2007
Ok, so I put a list of usernames in the users file with an Auth-Type := EAP
?
Right now, everyone with a valid client certificate is authenticated (nobody
is listed in the users file). Once I start enumerating them in the users
file, will it have an implicit deny all of everyone who isn't in the users
file?
Also - is there a way to define a different users file per NAS?
On 2/17/07, Alan DeKok <aland at deployingradius.com> wrote:
>
> Stephen Bowman wrote:
> > When using EAP-TLS as the only method in freeradius, is there a way to
> > define a list of allowed users, perhaps by the CN on their client
> > certificate?
>
> Or the User-Name attribute, which should be the same as the client CN.
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070217/7a413270/attachment.html>
More information about the Freeradius-Users
mailing list