EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

Alan DeKok aland at deployingradius.com
Thu Oct 11 15:58:11 CEST 2012

Alexandros Gougousoudis wrote:
> That's not clear. Why would that break EAP if the workstations are
> sending a different Login?

  You said you wanted to add a string to hostname.  Don't do that.
Editing it in FreeRADIUS will break things.

> It already does, depending on LAN or WLAN
> Logins. I don't mean some kind of rewrite or redirect inside of
> Freeradius. Using Linux I can send whatever I want as the loginname.

  If you know you can change the client, than change the client.

> I have now a more or less complicated regex rule in the radsecproxy, but
> I thought it's more elegant to unify both logins.  I thought doing it in
> the profile-xml-file of the LAN connection in Win, but unfortunately
> it's not the right place for it. At least all official ressources I can
> find from MS, are not pointing out how to do that.

  I can't help there.

  Alan DeKok.

More information about the Freeradius-Users mailing list