Bug #11055: Insecure FreeRADIUS defaults - pfSense Packages - pfSense bugtracker

Actions

Bug #11055

closed

Added by Anonymous over 3 years ago. Updated over 3 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

FreeRADIUS

Target version:

Start date:

11/11/2020

Due date:

% Done:

Estimated time:

Plus Target Version:

Affected Version:

2.4.5-p1

Affected Plus Version:

Affected Architecture:

All

Description

"Disable Weak EAP Types" (EAP tab, EAP section) should be enabled by default
"Default EAP Types" (EAP tab, EAP section) should be set to PEAP by default
"Check Cert Issuer" (EAP tab, EAP-TLS section) should be enabled by default
"Check Client Certificate CN" (EAP tab, EAP-TLS section) should be enabled by default
"RADIUS Logging" (Settings tab, Logging Configuration section) seems to be enabled by default despite the description saying the default is disabled

Actions

Also available in: Atom PDF