Lefteri, Rule of thumb.
If you have a Cisco AP you should use AAA, For a Cisco client you don't need AAA. -Yiannis *********** REPLY SEPARATOR *********** On 27/1/2004 at 2:13 μμ Lefteris St wrote: >Ok, here's some more info about my configuration on >the user-side: > >I have installed the client and CA certificates >(cert-clt.p12, root.der) which I created using the >script described in Ken Roser's How-To >(doc/EAP/TLS.pdf). They seem to be working fine (the >TLS handshake doesn't complain about any of them). >In the authentication tab i selected "Use Smart Card >or Certificate". >When i try to connect i get a popup prompting me to >choose the (client)certificate i want to use. >Note that since i don't have winXP, i use my card's >software to detect and connect to my AP. I have tried >two different cards so far with the same result(PCMCIA >AmbiCom and ZoomAir with PCI adapter). > >I have also tried using PEAP and TTLS(SecureW2) but >(as was expected) to no avail. > >As far as the client(Cisco) is concerned, there aren't >much more to be said. I didn't use the aaa commands in >the documentation, since it didn't seem necessary in >the How-To's (should I?). >I just added a radius server (providing ip address , >shared secret and selecting "EAP authentication") and >changed the authentication option for my SSID from >"Open Authentication <no addition>" to "Open >authentication with EAP". > >Tomorrow i am going to try and use HostAp as a client >for freeradius and i'll tell you if there this any >progress. > >Thanks again for taking an interest. > >__________________________________ >Do you Yahoo!? >Yahoo! SiteBuilder - Free web site building tool. Try it! >http://webhosting.yahoo.com/ps/sb/ > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html