Authenication with certifiactes

alan buxey A.L.M.Buxey at
Mon Jul 2 20:49:21 CEST 2012


1) you are getting an access-accept - which suggest the client is using the values
you mention - that is 'miles' with 'davis45' as the password - hence you are using PEAP or
PAP or somesuch and not EAP-TLS certificate

2) your access-accept should mean that the client gets an address on the network it is put
on via the AP - unless you havent got that bit configured right (VLAN or DHCP server etc) - not
a FreeRADIUS issue

3) clients dont use ca.pem to authentication using certificates - clients get their own client cert

4) EAP-TLS is plain/simple method - thus checking against SQL for passwords is wrong

5) upgrade - 2.1.9 is hideously old, 2.1.12 contains bug fixes and security fixes.


More information about the Freeradius-Users mailing list