Zeli Kartzman wrote:
> so what you're saying is that effectively a user can get around the
> simultaneous user limit and login as many times as they want -- all they
> have to do is type a new outside identity each time and as long as the
> tunneled PEAP identity is correct they will be allowed to login?
If you configure it that way, yes.
The server *can* be configured to enforce simultaneous login limits no
matter what the users type into the outer session. The docs don't
describe how to do this, but they DO describe how to tie the inner &
outer sessions together, and also how to enforce simultaneous login.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html