On Fri, Aug 27, 2010 at 11:49 AM, rrperez wrote:
> Now I'm trying to test different kind of mobile phones. I'm just confused
> with iPhone because the certificate was sent when I tried to connect to the
> network, while with the other phones, the certificates are installed
> manually.
Not really.
Thanks for the response Fajar,
Finally it worked out, I commented out the mschapv2 and configured the peap
to do gtc, and on the gtc to do auth type ldap. Thanks for the big help.
Now I'm trying to test different kind of mobile phones. I'm just confused
with iPhone because the certificate was se
On Fri, Aug 27, 2010 at 9:05 AM, rrperez wrote:
>
> Thanks for the response Fajar,
>
>>Did you try leaving everything the way it was when it works and only
>>comment-out mschapv2 section?
>
> Yes i tried that yesterday, and it still works.
>
>>Did you try configuring iphone to use WPA2 enterprise
Thanks for the response Fajar,
>Did you try leaving everything the way it was when it works and only
>comment-out mschapv2 section?
Yes i tried that yesterday, and it still works.
>Did you try configuring iphone to use WPA2 enterprise security?
I did that also, but I've never tried to do both
On Fri, Aug 27, 2010 at 8:32 AM, rrperez wrote:
> My previous config which is running smoothly was default_eap_type = gtc only
> and the others are left as it is. Testing your posted configuration, the
> authentication for the computers don't ask for username and password
> anymore, and also the s
Thanks for the response Fajar,
I don't have problem with my server using my previous configuration to
authenticate with wifi computers. But when I reconfigured my server, thats
the time it fails.
My previous config which is running smoothly was default_eap_type = gtc only
and the others are left
Thanks for the response Alan,
I think also that the clients are the ones that is needed to be configured.
--
View this message in context:
http://old.nabble.com/Wifi-Enabled-Phones-%2B-FreeRadius-tp29538516p29548673.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
Lis
On Thu, Aug 26, 2010 at 3:49 PM, Fajar A. Nugraha wrote:
> Using this setup I simply have to select the wifi network name on
> iphone, enter username & password, and accept the certificate warning.
Scratch that. Perhaps it's because I had connected to the network
previously that it was asking use
rrperez wrote:
> I tested also an iPhone 2G to my server, but it still uses MS-CHAPv2 even
> though I configured my server to do TTLS-PAP.
The client chooses the authentication method.
Go fix the client.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/user
On Thu, Aug 26, 2010 at 4:59 PM, rrperez wrote:
>
> Thanks for the response Fajar,
>
> Regarding your configurations, when I configured mine, my computers are now
> unable to connect, my computer clients now are not ask by their username and
> password, the server uses the computer name instead.
Thanks for the response Alan,
>you can kludge this by using EAP-GTC but then you get request for password
>all the time - as the device is expecting it to be a one time token...
when I configured my server like what Fajar posted, it doesn't ask for
username and password anymore. I'm quite confu
Thanks for the response Alan,
>you can kludge this by using EAP-GTC but then you get request for password
>all the time - as the device is expecting it to be a one time token...
when I configured my server like what Fajar posted, it doesn't ask for
username and password anymore. I'm quite confu
Thanks for the response Fajar,
Regarding your configurations, when I configured mine, my computers are now
unable to connect, my computer clients now are not ask by their username and
password, the server uses the computer name instead.
--
View this message in context:
http://old.nabble.com/W
Hi,
> > I tested also an iPhone 2G to my server, but it still uses MS-CHAPv2 even
> > though I configured my server to do TTLS-PAP.
if the device can do TTLS/MSCHAPv2 then it'll do that. if the device
cant do EAP-TTLS/PAP (any many dont) then theres nothing you can do on the
server
to change tha
Hi,
> yes i do use EAP-TTLS/PAP, so does that mean that configurations should done
> on the mobile devices and not on the server?
some devices eg symbian nokias wont do EAP-TTLS/PAP (iirc its all of them) -
you can kludge this by using EAP-GTC but then you get request for password
all the time -
On Thu, Aug 26, 2010 at 3:24 PM, rrperez wrote:
>>For example, iphone (from Apple's docs) supports EAP-TLS, EAP-TTLS,
>>EAP-FAST, EAP-SIM, PEAPv0, PEAPv1, and LEAP. I've tried it with
>>PEAP-GTC, and it works, so you might want to try EAP-TTLS/PAP and see
>>how it goes. If it doesn't, they try ot
Thanks for the response Fajar,
>Are you still authenticating against Lotus Domino LDAP?
Yes, I still do.
>Basically to get an authentication method to work, the device needs to
>be configured to use it, and the server needs to support it. So you
>need to have a method that's supported by both d
On Thu, Aug 26, 2010 at 2:53 PM, rrperez wrote:
>
> Thanks for the response Alan,
>
>>if using eg EAP-TTLS/PAP then you would have issues - some phones wont do
> that method natively
>
> yes i do use EAP-TTLS/PAP, so does that mean that configurations should done
> on the mobile devices and not on
Thanks for the response Alan,
>if using eg EAP-TTLS/PAP then you would have issues - some phones wont do
that method natively
yes i do use EAP-TTLS/PAP, so does that mean that configurations should done
on the mobile devices and not on the server?
--
View this message in context:
http://old
Hi,
> Now I want to test if it is possible for me to do authentication on
> wifi-enabled phones? And also, do I need to make additional configurations
> on the server?
which method? if eg PEAP/MSCHAPv2 then theres not really anything different -
certainly
no changes to the server...just configur
20 matches
Mail list logo