Hi,

As far as I know, my radius server is up and running correctly.  My laptop,
iPaq all have certificates and user names and all are able to log in
correctly, I'm using EAP-TLS on the current release of freeradius.

If I change the user name on only one of these to a name which doesn't exist in
the configuration, then I get a login failed, which is what I expect.

However, since installing a wifi card into my desktop PC, something odd (at
least to me) is happening, can anybody explain this?!

I have 4 users configured in freeradius:

Adrian
Laptop
Bridge
Mobile

The client certificate for bridge was created with openssl and issued to
"Ethernet Bridge".  What's odd here is that with this certificate I'm able
to log into the radius server with the username "Ethernet Bridge" (as typed
into the login window in XP when logging into the network) even though that
user doesn't exist in the configuration. How is this possible? Is freeradius
automatically allowing this user to log in because the client certificate
validates?

Here's a line from the log. What's also odd here is that my firewall (sygate)
appears to be mangling the name somewhat, so there's a load of junk after
the name.

Sat Feb 12 10:49:49 2005 : Auth: Login OK: [Ethernet Bridge\000\000\377\034SygateSecurityAgent\000\000\000\000\000\000\000\000] (from client WLAN port 0)
Sat Feb 12 10:49:55 2005 : Info: rlm_eap_tls:  Length Included

Can anybody shed any light on this?!

Thanks.

Adrian
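
A log audit for the situation described in the post, as an added example that is not part of the original message or of FreeRADIUS: it flags "Login OK" lines whose identity is not one of the four configured names or carries bytes after a NUL. The first sample line is the one from the post, re-joined; the other lines and the names `audit`, `decode_user` and `CONFIGURED_USERS` are constructed for illustration.

```python
import re

# Assumption: the four names listed in the post are the only configured users.
CONFIGURED_USERS = {"Adrian", "Laptop", "Bridge", "Mobile"}

# Matches "Auth:" lines of the shape shown in the post.
AUTH_LINE = re.compile(
    r"^(?P<ts>.+?) : Auth: (?P<result>Login OK|Login incorrect)[^\[]*"
    r"\[(?P<user>.*)\] \(from client (?P<client>\S+) port (?P<port>\d+)"
)
OCTAL_ESCAPE = re.compile(r"\\([0-7]{3})")


def decode_user(raw):
    """Undo the log's \\ooo escapes; split the identity at its first NUL byte."""
    data = OCTAL_ESCAPE.sub(lambda m: chr(int(m.group(1), 8)), raw).encode("latin-1")
    name, _, trailer = data.partition(b"\x00")
    return name.decode("latin-1"), trailer


def audit(lines, configured=CONFIGURED_USERS):
    """Return (timestamp, name, reasons) for every suspicious successful login."""
    findings = []
    for line in lines:
        m = AUTH_LINE.match(line)
        if not m or m.group("result") != "Login OK":
            continue  # only accepted logins are of interest here
        name, trailer = decode_user(m.group("user"))
        reasons = []
        if name not in configured:
            reasons.append("identity not in configured users")
        if trailer:
            reasons.append("%d bytes after first NUL" % len(trailer))
        if reasons:
            findings.append((m.group("ts"), name, reasons))
    return findings


SAMPLE_LOG = [
    # Line from the post, re-joined onto one line.
    r"Sat Feb 12 10:49:49 2005 : Auth: Login OK: [Ethernet Bridge\000\000\377\034SygateSecurityAgent\000\000\000\000\000\000\000\000] (from client WLAN port 0)",
    # Constructed lines for contrast.
    "Sat Feb 12 10:51:02 2005 : Auth: Login OK: [Laptop] (from client WLAN port 0)",
    "Sat Feb 12 10:52:10 2005 : Auth: Login incorrect: [Nobody] (from client WLAN port 0)",
    "Sat Feb 12 10:49:55 2005 : Info: rlm_eap_tls:  Length Included",
]

if __name__ == "__main__":
    for ts, name, reasons in audit(SAMPLE_LOG):
        print(ts, repr(name), "; ".join(reasons))
```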

