Riccardo Veraldi wrote: > but still authentication is succesful using EAP-TLS even if user is not > in LDAP Directory. > > any hints ?
That's how EAP-TLS works. If you issued them a certificate, it means that they are authenticated. If you don't want to authenticate them, I'm curious why you issued them a certificate. But if you still want to reject them... you can. Just put them into an LDAP group, and reject everyone in that LDAP group. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
