On Sun, Sep 14, 2003 at 10:28:25AM -0400, Alan DeKok wrote:
> [EMAIL PROTECTED] wrote:
> > > Don't set 'Auth-Type := EAP' *anywhere*. It's automatically set by
> > > the EAP module.
> >
> > I've set it in the radgroupcheck as this :
>
> What part of "Don't set it anywhere" did you not understand?
Do you mean that's impossible to forbids someone to log in
if he holds a valid certificate ?
If authorize don't set EAP,
EAP will not be called in authenticate.
That's exactly what I want, I want sql to authorize and
EAP to authenticate.
Am I completely wrong ?
>
> > rlm_eap: EAP-Message not found
> > ^^^^^^^^
> > because of radtest.
> >
> > EAP gets called because I've set up Auth-Type EAP
>
> Which is wrong. Why are you still setting Auth-Type to EAP?
Because I want to have some users to use EAP and some
not. But both providing me valid certs with EAP-TLS.
--
[EMAIL PROTECTED]
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
