Klaus Klein wrote: > I'm working on securing the access to a WLAN network with > WPA2-Enterprise, EAP-TLS and a FreeRADIUS server.
Which uses certificates for authentication. > Everything seemed to work as expected until realized that a client will > be authenticated (by eap) even if the user(name), provided with the > mandatory "identifier" entry in wpa_supplicant.conf, doesn't exist in > the users file. That's how EAP-TLS works. > To verify this I used the unedited 'default' users file provided with > the FreeRADIUS package and the user/name 'FooBar'. > Is that meant to be like this or do I miss something? That's how EAP-TLS works. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
