First, thanks for this great software.
I've been using FreeRADIUS (Linux server) with EAP-TLS with Windows XP clients for a while.
I'm using a Cisco 3550 switch with 802.1x support as authenticator.
Now I'm trying to assign a restricted access vlan to hosts attached to switch ports.
I've been successful (!) with EAP-TTLS with Alfa-Ariss client but not with EAP-TLS.
The client is authenticating with a machine certificate (Local computer store, if you mind)
and a registry key to authenticate before logon:
"HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMode" Type: REG_DWORD Value: 2
The important part of the "users" file:
****** start ****
"host/mrwolf.lett.unitn.it", Service-Type == Framed-User ### Check item machine name as user with EAP-TLS
    Tunnel-Type += 13, ## Reply items
    Tunnel-Medium-Type += 6,
    Tunnel-Private-Group-Id += 10

mario Auth-Type := Local, User-Password == "hello" ## User part for EAP-TTLS
    Tunnel-Type += 13, ## Reply items
    Tunnel-Medium-Type += 6,
    Tunnel-Private-Group-Id += 10
****** stop ****
Interface configuration on the Cisco 3550:
interface fastethernet0/19
 switchport mode access
 dot1x port-control auto
 dot1x guest-vlan 2
 spanning-tree portfast
Am I missing anything?
Thanks in advance, Giosuè Pacifico
Giosuè Pacifico
Presidio I.T.M. Facoltà di Lettere
Universita' degli Studi di Trento - Italy