Re: The "right" way to limit a user to one EAP Type on FR2.1.7 addision question

View: New views

2 Messages — Rating Filter: Alert me

Re: The "right" way to limit a user to one EAP Type on FR2.1.7 addision question

by ziyen :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi,

> User01 is only EAP-TLS
> User02 is only EAP-TTLS
> Uesr03 is only EAP-PEAP
> Uesr04 is Any EAP-Type

Just an educated guess ... in users file,

User01 EAP-Type != EAP-TLS, Auth-Type := Reject

User02 EAP-Type != EAP-TTLS, Auth-Type := Reject

...

but, that is not a backend mysql :(
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: The "right" way to limit a user to one EAP Type on FR2.1.7 addision question

by tnt-5 :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

> Hi,
>
>> User01 is only EAP-TLS
>> User02 is only EAP-TTLS
>> Uesr03 is only EAP-PEAP
>> Uesr04 is Any EAP-Type
>
> Just an educated guess ... in users file,
>
> User01 EAP-Type != EAP-TLS, Auth-Type := Reject
>
> User02 EAP-Type != EAP-TTLS, Auth-Type := Reject
>
> ...
>
> but, that is not a backend mysql :(

So? It's not hard to translate user file entries into sql entries:

what's on yhe first (check) line goes into radcheck table

what's on reply lines goes into radreply

Ivan Kalik
Kalik Informatika ISP

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html