How to grant some (!) devices access to network but all others have to provide passwords

Alan DeKok aland at
Mon Dec 23 20:35:03 CET 2019

On Dec 23, 2019, at 12:12 PM, uj2.hahn at wrote:
> Thanks, Alan!
> I generated brand new certificates and installed them on one Android tablet.

  That's good...

> But now I'm not sure what the expected use model is:
> Can I connect immediately without any credentials or do I have to provide a valid user/passwd once
> and it will be saved forever?

  If you use EAP-TLS, it shouldn't need a password.

  But in the end, this question is for the end user device, not for FreeRADIUS.

> When I try to connect I see the WLAN credential form again (although it looks different than before).
> So I have to enter some valid credential. Then it is saved. Is this the expected behavior?

  Ask the device manufacturer how their systems work.  We didn't implement the UI on the android tablet, and we know nothing about it.

> What is the expected message in the debug logfile saying everything is fine with the certificates?

  The server sends an Access-Accept.

  If something goes wrong the error messages are large and descriptive.

  Alan DeKok.

More information about the Freeradius-Users mailing list