Re: eap/tls questions with freeradius

2011-12-28 Thread Phil Mayers
On 12/26/2011 02:44 PM, vazoumana fofana wrote: sorry, i ve got persistents problems : - i filter client certificate under authenticate section (under eap) with : Auth-Type eap { if ( "%{TLS-Client-Cert-Subject}" =~ /OU=x/ ) { reject } }. Firstly, it s' written on "default" file : /Please do

Re: eap/tls questions with freeradius

2011-12-26 Thread Fajar A. Nugraha
On Mon, Dec 26, 2011 at 9:44 PM, vazoumana fofana wrote: > sorry, i ve got persistents problems : > > - i filter client certificate under authenticate section (under eap) with : > Auth-Type eap { >     if ( "%{TLS-Client-Cert-Subject}" =~ /OU=x/ ) { >   

RE: eap/tls questions with freeradius

2011-12-26 Thread vazoumana fofana
o avoid request of certain client ? I restrict authentication request to chooser NAS. I want to avoid clients to enter loop authentication. But these client can request authentication through NAS choosen. Cheers. From: zoumlan...@hotmail.com To: freeradius-users@lists.freeradius.org Subject:

RE: eap/tls questions with freeradius

2011-12-23 Thread vazoumana fofana
Thanks!!! > Date: Fri, 23 Dec 2011 16:26:20 +0700 > Subject: Re: eap/tls questions with freeradius > From: l...@fajar.net > To: freeradius-users@lists.freeradius.org > > On Fri, Dec 23, 2011 at 3:54 PM, vazoumana fofana > wrote: > > > > Do you know whe

Re: eap/tls questions with freeradius

2011-12-23 Thread Fajar A. Nugraha
On Fri, Dec 23, 2011 at 3:54 PM, vazoumana fofana wrote: > > Do you know where i can insert script to add new fonctions  like described > in my previous email ? > When client sends its certificate , server checks before username or > certificate validity ? Try: - http://wiki.freeradius.org/Sites%

RE: eap/tls questions with freeradius

2011-12-23 Thread vazoumana fofana
with freeradius Date: Tue, 20 Dec 2011 16:13:55 + Precisely, i search check_cert_subject wich checks client's certificate field. From: zoumlan...@hotmail.com To: freeradius-users@lists.freeradius.org Subject: eap/tls questions with freeradius Date: Tue, 20 Dec 2011 12:23:50

RE: eap/tls questions with freeradius

2011-12-20 Thread vazoumana fofana
Precisely, i search check_cert_subject wich checks client's certificate field. From: zoumlan...@hotmail.com To: freeradius-users@lists.freeradius.org Subject: eap/tls questions with freeradius Date: Tue, 20 Dec 2011 12:23:50 + Hi , i've got a question : i've set

eap/tls questions with freeradius

2011-12-20 Thread vazoumana fofana
Hi , i've got a question : i've set up a freeradius server with EAP/TLS. In my configuration, i use check_cert_issuer in order to check certificate. Is there any functions wich allows me to check client's certificate subject (C,O,OU ??) ? Further more, i got an other question : when a client