Dear Packetfence Community We're currently running a straightforward implementation of PacketFence version 10.2.0. We know, that 10.3.0 is available, but the errata / bugs that should be fixed in it, are not affecting us.
We are using it for Dot1x Access into our wired LAN via certificates issued by the PacketFence internal PKI. For this we have configured an EAPTLS Connection profile pointing to an Authentication Source with a catchall rule. This works well so far. The issue we're facing currently is around the revocation of certificates. Meaning when revoking a certificate, the client will still have access to the wired network as there is no condition checking for validity of the cert. When editing the Authentication Profile there are a number of conditions that can be checked in a certificate to see if access shall be granted or not but there is no option checking for revocation status. Did any of you have had the same or a similar issue? Is there a straightforward solution to the problem? Best regards, Urs Müller SBB AG Poststrasse 6, 3072 Ostermundigen urs.bf.muel...@sbb.ch / www.sbb.ch _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
