Hangjun He wrote: > And I use EAP-TLS and with correct certs. Even if I set wrong > username in Odessey Client, freeRADIUS will return > success.(check_cert_cn not set).
EAP-TLS authenticates users based on certificates. It ignores the user name. > Can I let freeRADIUS to check if username in the users file or other > database? If not, reject user. Yes. Configure that: bob Auth-Type := Reject Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
