[EMAIL PROTECTED] wrote: > I'm currently configuring a Freeradius 0.9.1 with EAP-TLS support and > Postgresql.
That won't work. > Everything works find, but if someone gets a certificate he can logs in. That's what EAP-TLS is supposed to do. > (I don't know If I should put Auth-Type here) Don't set 'Auth-Type := EAP' *anywhere*. It's automatically set by the EAP module. > The final purpose of this is to be able to remove access for someone just by > updating the good field containing the Auth-Type attribute to REJECT or to put > a specific user in a reject group... Hmm... the EAP module may over-write a REJECT with EAP. THat's not good. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
