Sorry, I forgot the subject.
Zheng, Jiajia wrote:
Hi,
I hope it is the right place to ask questions about EAP-TLS with
radius server.
I installed freeradius-2.1.6 rpm package on my Fedora 10 system.
EAP_PEAP, EAP_TTLS_CHAP, TTLS_MD5, TTLS_MSCHAP, etc. work fine.
However, EAP-TLS handshake failed. Here are my steps to implement
EAT-TLS with radius server.
1. on server: yum install freeradius
2. on server: cd /etc/raddb
3. on server: edit users and clients.conf (see attachments)
4. on server: radiusd -X
5. I configured the AP which is wired connected to the server using
WPA-TKIP
6. copy ca.pem from server to my wireless machine.
6. I tried EAP_PEAP, EAP_TTLS_CHAP, TTLS_MD5, TTLS_MSCHAP on my
wireless machine, which all worked fine.
7. on server: cd /etc/raddb/certs
8. on server: make client.pem
9. copy client.pem from server to my wireless machine
10. run wpa_supplicant on my wireless machine: wpa_supplicant -Dwext
-iwlan0 -c WPA_EAP_TLS.conf WPA_EAP_TLS.conf as below,
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
network={
ssid=ASUS-2.4G
scan_ssid=1
key_mgmt=WPA-EAP
eap=TLS
identity=root
ca_cert=./ca.pem
client_cert=./client.pem
private_key=./client.pem
private_key_passwd=whatever
}
11. EAP-TLS failed, see the attached tls.log for the output of radiusd
Could you help me out on this issue?
Is there anything I did wrong? Let me know if you need more debugging
info.
Thanks,
jiajia
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
