Problems using EAP-TLS with freeradius version 2
Sebastian Heil
s3b0 at gmx.de
Wed Feb 6 10:58:00 CET 2008
> For using EAP-TLS with the Windows Mobile devices I still have to solve
> one
> problem, which I think would be no problem for you, the problem with the
> username of the devices.
>
> If I disable the option "check_cert_cn = %{User-Name}" in eap.conf I get a
> working configuration, but finally it should work also with that Option
> enabled.
> The problem of the Windows Mobile devices is, that they always submit as
> username "DOMAIN\user". If you leave the DOMAINNAME blank still "\user" is
> used.
Hi,
in version 1.1.7 i used following configuration to cut off the "host/" in front of the username.
in users-file:
DEFAULT Prefix == "host/"
the new value will be written in the attribute "stripped-user-name". so i had to change the value in eap.conf to the following setting:
check_cert_cn = %{Stripped-User-Name}
Maybe that will work in your configuration...
Sebastian
--
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger
More information about the Freeradius-Users
mailing list