>file autorizados contains this > "user1" Cleartext-Password := "" > Reply-Message = "Autorizando....." > Fall-Through = No
That's not going to work. You can't make EAP-TLS use passwords. >I had to make this because I'm not the signer of client certificates, >only for server. What are people with certificates that you haven't issued doing on your network? If you are accepting users from another organization, proxy requests to their home server. But if you are to maintain control over who gets access to your network you should tell people to use PEAP and give them usernames/passwords that you will store in autorizados file. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html