user(name) and EAP-TLS
Alan DeKok
aland at deployingradius.com
Sat Aug 4 03:15:53 CEST 2012
Klaus Klein wrote:
>> Which uses certificates for authentication.
> Correct.
Thanks for the vote of confidence.
The point of my comment was that it DOESN"T use names && passwords for
authentication.
> Is it then correct that the 'check_cert_cn' option in eap.conf is the
> only way to prevent anyone on the client side to tamper with the
> identity entry, and thereby avoiding restrictions (e.g. Login-Time) for
> that client?
That's what check_cert_cn is for. This is documented.
Alan DeKok.
More information about the Freeradius-Users
mailing list