David Trinh wrote: > I would like to test the security feature 802.1x EAP-TLS of our product. > I set up FreeRadius and used the demo certificates. However, the server > keeps rejecting access. > > I noticed that the server complains about <no User Password attribute>, > but the wireless device (supplicant) does not have a place for me to > enter the password, only the login.
That's how EAP-TLS works. There's no password. The debugging information says there's no password... because there's no password. It's OK. > So how to I configure FreeRadius to > ignore the password attribute? Please help. You don't. The problem is elsewhere: > Here is the log when run in debug mode: ... > rlm_eap: Request found, released from the list > rlm_eap: EAP NAK > rlm_eap: NAK asked for bad type 0 > rlm_eap: Failed in EAP select The EAP supplicant you're using doesn't want to do EAP-TLS, and told the server that there are no EAP types it can use. Fix the supplicant to do EAP-TLS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
