MAC address restriction with EAP-TLS
tnt at kalik.net
tnt at kalik.net
Tue Jan 27 23:43:46 CET 2009
>> >
>> >So how would I do the same thing for a certificate instead of a username?
>>
>> Ther will be a username in EAP-TLS request too.
>
>From everything that I have been able to read, the user name in a EAP-TLS
>request should come from the CN value of the certificate. Does this
>sound correct?
>
I haven't read the eap RFC. I just send the request and see what comes
up. Then I adjust realms and whatever for authentication to work. Takes
a couple of minutes. I am not planning to make the server - I just want
to use it.
Send the request and see how does the User-Name look like. Is it CN,
CN at realm, domain\CN ...
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list