TLS authentication works, but does not check usernames against 'users' file.
John McDonnell
mcdonnjd at pcam.org
Tue Nov 30 17:05:40 CET 2010
> -----Original Message-----
> On Behalf Of Andrew Bovill
>
> Hi,
>
> I'm trying to get WPA Enterprise EAP/TLS working with my wireless
> router. It appears that the TLS portion of the authentication works
> (valid certificates give me a working connection) but it does NOT
> appear
> to actually be checking the username/password combination that is also
> sent along the line.
>
> I have followed the WPA_HOWTO as best I could (my clients are OS X and
> Android and Gentoo, not Windows XP) but I can't figure out how to
> 'fail'
> an auth attempt with an invalid user/pass combination.
>
> Here is the debug output:
> Thanks for any advice. I didn't want to start reconfiguring with a
> shotgun :)
> *snipped*
IIRC, that is how EAP-TLS works. If the client has a valid certificate, it
can connect.
Check this previous message that is similar to what I think you are trying
to do:
http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg66246.h
tml
--
John D McDonnell
Penn Cambria School District
mcdonnjd at pcam.org
O< ASCII Ribbon Campaign - http://www.asciiribbon.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4101 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101130/75cb4a5c/attachment.bin>
More information about the Freeradius-Users
mailing list