Hi, Am 27.06.2011 07:55, schrieb Christ Schlacta: > is it at all possible to send a message to a windows 7 or windows > vista client that the client is guaranteed to see when authentication > is rejected? > more details: > wireless WPA2-EAP-TLS
There is no such guarantee. RADIUS ends at the access-point; from then on, everything must be fitted into an EAPoL exchange. I'm not aware of any supplicant that processes EAP-Notifications at the time of rejection, and also not aware that an Access Point would encapsulate a Reply-Message into such a notification. Even if there was "a" supplicant and AP to do that, you couldn't be sure that the end device is actually using that supplicant. Greetings, Stefan Winter > on a Ubiquiti PicoStation 2 firmware 5.3.2 (I believe it includes some > form of hostapd, but I'm not sure which version) > Freeradius Version 2.1.9 > Clients running Windows 7 or Windows Vista with no special software > installed. the procedure is OS, Wired Driver, ethernet cable, Windows > Update once for drivers, Wireless certificate, connect to Wifi, (Note > this point) finish updates. > > It's at the Note this point point that I want the clients to be able > to recieve a rejection response with some level of certainty. what > users add to their system later is welcome to break it, if they're > willing to deal with it. > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473
signature.asc
Description: OpenPGP digital signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
