setup is. Mikrotik WDS AP + Mikrotik WDS Station....so suplicant is
Mikrotik Station....
Mikrotik has only EAP-TLS .1x method for authentication
and as i got EAP-TLS is using only certificates for auth.
i'm sure that i have problem configuring eap TLS module.
radius can't retrieve UserIdentity from certificate.
I have found some kind of solution (but it didn't work)
uncommented one by one strings in eap.conf
check_cert_issuer = "/C=ZZ/ST=Yyyyy/L=yyyyy/O=Xxx"
or
check_cert_cn = %{User-Name}
Also i tried next from this string: check_cert_cn = %{User-Name} =>
entered in users db username same as CN is in certificate with
password supplied during client-cert generation with OpenSSL (A
challenge password []:whatever)
how radius should read user cert. whats wrong ?
One more time, right now, TTLS working on same server using same tls
module but with Ubiquiti equipment.
P.S.: here is my discussion thread on mikrotik forum, but they don't
have glue about freeradius setups (most of them)
http://forum.mikrotik.com/viewtopic.php?f=7&t=45124&p=227563#p227563
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
