> -----Original Message----- > On Behalf Of Andrew Bovill > > Hi, > > I'm trying to get WPA Enterprise EAP/TLS working with my wireless > router. It appears that the TLS portion of the authentication works > (valid certificates give me a working connection) but it does NOT > appear > to actually be checking the username/password combination that is also > sent along the line. > > I have followed the WPA_HOWTO as best I could (my clients are OS X and > Android and Gentoo, not Windows XP) but I can't figure out how to > 'fail' > an auth attempt with an invalid user/pass combination. > > Here is the debug output: > Thanks for any advice. I didn't want to start reconfiguring with a > shotgun :) > *snipped*
IIRC, that is how EAP-TLS works. If the client has a valid certificate, it can connect. Check this previous message that is similar to what I think you are trying to do: http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg66246.h tml -- John D McDonnell Penn Cambria School District mcdon...@pcam.org O< ASCII Ribbon Campaign - http://www.asciiribbon.org/
smime.p7s
Description: S/MIME cryptographic signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html