How to grant some (!) devices access to network but all others have to provide passwords

uj2.hahn at uj2.hahn at
Mon Dec 23 18:12:49 CET 2019

Thanks, Alan!
I generated brand new certificates and installed them on one Android 
But now I'm not sure what the expected use model is:
Can I connect immediately without any credentials or do I have to 
provide a valid user/passwd once
and it will be saved forever?
When I try to connect I see the WLAN credential form again (although it 
looks different than before).
So I have to enter some valid credential. Then it is saved. Is this the 
expected behavior?
What is the expected message in the debug logfile saying everything is 
fine with the certificates?


On 22.12.2019 15:47, Alan DeKok wrote:
> On Dec 22, 2019, at 6:18 AM, uj2.hahn at wrote:
>> In a school all devices (students laptops, mobiles, tablets) have to use username/password via Freeradius
>> to get access to WLAN. But there are some well-defined school-owned devices (laptops, tablets)  which should
>> connect to WLAN  immediately w/o any credentials.
>> Which options do I have to realize that? MAC checks? Certificates?
>    If the WiFi is using EAP / 802.1X, then you must use 802.1X for *all* devices.
>    For school-owned devices, the best way to do this is via certificates.  It's (somewhat) difficult to copy the certificate to another machine.  If the device is stolen, you can just revoke the certificate.
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list