Mauro Screti wrote: > i need to authenicate in wireless network only users that use eap-tls as > method, and reject the same user that try in peap.
If you're using 2.x, stop editing the "users" file, or the "huntgroup" file, and just write the policy in unlang. it will be clearer, and it is more likely to work. > DEFAULT Huntgroup-Name == wi-fi, Ldap-Group == "wifi", EAP-Type == TLS > Fall-Through = No ... > The fist DEFAULT should reject the request if the EAP-type is PEAP, > while the second DEFAULT should accept only the request if the EAP is > TLS .... i think :-)) No. The second request says "compare, and then do nothing". Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
