Hello. I have been tinkering around with PacketFence and have some questions relating to PKI and SCEP. For information, PacketFence is on version 14. It is not inline and it only has one network port configured at the moment.
1. As per the documentation (23.1), I have configured NDES to work with PacketFence. It seems like this only works for wireless networks? Is there a way to do anything else with this or the MSPKI integration in general? If not, I think for me it makes more sense to just make PacketFence a subordinate CA of my Windows CA. 1. How does the SCEP proxy work mentioned in the documentation (right before the SCEP test section of 23.2.2)? Is it for configuring a SCEP server to proxy to PacketFence? What standalone SCEP servers exist that could be used with this? 1. I signed a CSR from the PacketFence server using my Windows CA as per (23.2.1). I was configuring a template named IP-Phone using this CA and tried following the documentation (23.2.2), but there were a bunch of options that did not match up such as requiring an email in the template. In the template I enabled SCEP and configured a challenge password, but I have no idea what the correct url should be. I tried http://<ipaddress>/scep/IP-Phone and that did not work. Do I need to enable something, or configure some sort of responder on the packetfence network interface? I only have it set to Management at the moment. Thank you.
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
