free radius 1.1.6 -eap-tls authentication
Alan DeKok
aland at deployingradius.com
Thu May 17 07:49:21 CEST 2007
anoop_c at sifycorp.com wrote:
> 1 Where will i find the log of the authentication like.... username login ok...or login failed
It's in "radius.log"
> 2 One user\'s certificate if I installed in other user\'s laptop it works.I want one user certificate should work in one laptop only.
There's no real way of doing that. You *could* put the MAC address
into the certificate, and have the RADIUS server check that against the
MAC address in the RADIUS request, but there's no guarantee that will
work. It can be spoofed, and it can break valid configurations.
> 3 In users file i havn\'t added any certificate name as it is eap-tls.So if i want to remove the user from n/w i don\'t have control.Is ther any method like i can add the certificate names in users file then only it should work
Certificate revocation lists.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list