Fernando escribió:
I don't understand, what is your goal?
Sergio Yébenes Moreno wrote:
Using eap-tls we can make a "filter" to users, based on different
attibutes (I think). In my case, the "identity" field in
wpa_supplicant.conf.
Freeradius config:
file users contains this
.....
.....
$INCLUDE autorizados
DEFAULT Auth-Type := Reject
Reply-Message = "out"
......
......
file autorizados contains this
"user1" Cleartext-Password := ""
Reply-Message = "Autorizando....."
Fall-Through = No
"user2" ............
...........
I had to make this because I'm not the signer of client certificates,
only for server. I hope that somebody will help this.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__________ Información de NOD32, revisión 3257 (20080710) __________
Este mensaje ha sido analizado con NOD32 antivirus system
http://www.nod32.com
To use eap-tls with client certs signed by a public CA. Public CA means
that I can't do anything with this. But I don't want that everybody
comes to my network. I know that my english isn't very clear, but I
think it's very simple. Clients are in a public PKI. Servers are in my
own PKI. Clients trust in my PKI, servers trust in this public PKI. But
servers only authorize some users.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html