On Wed, Oct 20, 2010 at 9:22 AM, Esteban TALAVERA <etalave...@gmail.com>wrote:
> Thanks! > > > On Wed, Oct 20, 2010 at 9:19 AM, Alan DeKok <al...@deployingradius.com>wrote: > >> Esteban TALAVERA wrote: >> > My freeradius + MySQL + EAP_TLS is working, but I have a problem. >> > >> > I assumed that without an entry in MySQl database, the client can not >> > authenticate, >> >> That's not how EAP-TLS works. >> >> > but I forgot to create one user's database entry and the >> > laptop was able to join the network. >> > >> > It is possible a client authentication without a database entry, just >> > with the certificates >> >> That's how EAP-TLS works. >> >> If you want to reject the user, configure the server to look up the >> username in the DB, and reject if they're not found. Or, use TLS as it >> was intended to be used: revoke the client certificate. >> >> Alan DeKok. >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > > > -- > > *Esteban Talavera* > > * > * > > *Proyectos ITW C.A. > > * > > Tel. +(58)212 7623035 > > +(58)212 7620504 > > Cel. +(58)412 2892006 > > Fax +(58)212 7615965 > > > > -- *Esteban Talavera* * * *Proyectos ITW C.A. * Tel. +(58)212 7623035 +(58)212 7620504 Cel. +(58)412 2892006 Fax +(58)212 7615965
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html