Some help with the Users file
Alan DeKok
aland at deployingradius.com
Tue Mar 17 10:43:43 CET 2009
Josh Hiner wrote:
> I want to make it so that users who use eap-peapv0 have to be in the
> wireless group to logon. I have this set in the users file:
> DEFAULT Called-Station-Id =~ "CCISD-REMC1", Group != "wireless",
> Auth-Type := Reject
>
> This works great buuut I have successfully setup eap-tls. What is the
> appropriate way to continue to limit users to be in the wireless group
> to connect?
The above "users" file entry should be a good start.
> I have the common name of the certificate set to the users login so if a
> user logs in with the username "josh" then that is the common name of
> the certificate. Will Freeradius use this same username to check against
> the wireless group?
It will use the User-Name in the Access-Request packet.
Alan DeKok.
More information about the Freeradius-Users
mailing list