user(name) and EAP-TLS

Klaus Klein k.klein at gmx.de
Sat Aug 4 23:45:22 CEST 2012


Am 04.08.2012 18:51, schrieb Alan DeKok:
> Klaus Klein wrote:
>> But maybe I should have been a bit more precise in my first email.
>> The final (first) productive installation should protect the access to
>> my private WLAN with 3+ APs and 10+ clients.
>    Implying that FreeRADIUS doesn't "protect access" is rude.
Don't you think you're jumping the gun a bit?
Where did you get this from, why are you implying something like this and how rude is that?

The sentences you quoted were written in reference to Matthew's suggestion a) and the impact on the performance. I don't think that 'hitting' files in an environment with 10+ clients and 3+ APs will really have an impact on the performance.
Besides, as I wrote in a later email, I think that the suggested modification will not really make a difference as is seems that files is allready processed with every authorization/authentication.

If you read beyond the quoted sentences you'll see that I currently work on a testbed and that I want to learn more about FreeRADIUS. One of my final goals is to implement with FreeRADIUS a better and more flexible security than what, to my understanding, WPA-PSK could offer.
Why would I do this if I would believe that FreeRADIUS isn't protecting access ?

>    You were the one who set up EAP-TLS.  EAP-TLS means "allow anyone who
> has a signed client cert".  You signed a client cert, and gave it to a
> client. You were told this is how EAP-TLS works.
I think I have a fair understanding how EAP-TLS works but apparently FreeRADIUS in combination with EAP-TLS is capable of and doing more than just that.

>    I already explained how the server worked.
Darn, I must have missed quite some part of an email. ;-)

>    Rather than believe it, you argue, and start insulting us.
I didn't argue, I just stated facts.

Furthermore, I don't think I insulted anyone, but it seems that this doesn't stop you feeling like that.
Sorry if it hurts your feelings but I think you really need to loosen up a bit.  

>    Stop it, or you will be unsubscribed and banned.
I'm really to old for that kind of threats.

Cheers,
Klaus


More information about the Freeradius-Users mailing list