On 11/30/2010 11:05 AM, John McDonnell wrote:
-----Original Message-----
On Behalf Of Andrew Bovill
Hi,
I'm trying to get WPA Enterprise EAP/TLS working with my wireless
router. It appears that the TLS portion of the authentication works
(valid certificates give me a working connection) but it does NOT
appear
to actually be checking the username/password combination that is also
sent along the line.
I have followed the WPA_HOWTO as best I could (my clients are OS X and
Android and Gentoo, not Windows XP) but I can't figure out how to
'fail'
an auth attempt with an invalid user/pass combination.
Here is the debug output:
Thanks for any advice. I didn't want to start reconfiguring with a
shotgun :)
*snipped*
IIRC, that is how EAP-TLS works. If the client has a valid certificate, it
can connect.
Check this previous message that is similar to what I think you are trying
to do:
http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg66246.h
tml
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cool, I was wondering about that.
It just seems weird that nearly ALL of the suplicants I've used
*require* me to give a username/password (or at least an Identifier +
password) in addition to the unlocked certificate. Maybe a better
question is: What's the point of the username/pass that's also being
sent by the supplicant?
Thanks
--Andrew Bovill
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
