I can't use NT-hash because I use PAP and I need clear-text password.
However I've generated server-side certificates with CA.all script with standart xpextension:
[ xpclient_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.2
[ xpserver_ext]
extendedKeyUsage = 1.3.6.1.5.5.7.3.1
Can I modify this OID to create MS-Windows compatible certificates?
Or there are some other way to obtain this feature?
Best Regards,
Josh
On 10/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]
> wrote:
Hi,
> Hello all,
> I'm using WPA with EAP-TTLS and PEAP with a MacOS .Authentication works fine
> (even if enough slowly).
> The problem is that I can't authenticate WinXP client.
> I've readed that for using EAP-TTLS are required some other supplicant like
> SecureW2. Is SecureW2 required also for PEAP?
no. the builtin WinXP supplicant does PEAP natively. however, dont forget
that PEAP doesnt deal with plain text passwords - you either need to have
NT-hash or use ntlm_auth
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html