Re: Freeradius + EAP_TLS + Cisco AP

2010-10-01 Thread Esteban TALAVERA
Thanks I have to import root CA certificate or server certificate to XP CA trusted lists? On Fri, Oct 1, 2010 at 9:22 AM, Matija Levec wrote: > Hi. > Valid CA is the one that issued radius server certificate. Just import it > to trusted CAs list. > > Bye, > M. > > > > >Is mandatory for an XP m

Re: Freeradius + EAP_TLS + Cisco AP

2010-10-01 Thread Matija Levec
Hi. Valid CA is the one that issued radius server certificate. Just import it to trusted CAs list. Bye, M. >Is mandatory for an XP machine to authenticate the server certificate to a valid CA? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Freeradius + EAP_TLS + Cisco AP

2010-09-30 Thread Esteban TALAVERA
Thanks Hi After multiple issues I found a partial solution, but not the best. I unselect "validate server certificate" in the XP client. After doing that, the client authenticates. I know that this is a very dangerous practice. Is mandatory for an XP machine to authenticate the server

Re: Freeradius + EAP_TLS + Cisco AP

2010-09-29 Thread Matija Levec
You say you are trying to setup eap-tls and you have client certs - so you probably also want to set client to eap-tls (smart card or other certificate in windows world). Check you installed proper CA certs on both client and server if you are checking them (which I guess you should). 'PEAP or

Re: Freeradius + EAP_TLS + Cisco AP

2010-09-28 Thread Esteban TALAVERA
I tried to apply the hotfix but it was included in SP3. The laptop has Windows XP SP3. xpextensions is added to the certificate. What's mean [tls] eaptls_process returned 13? default_eap_type = peapmust be set tp peap or tls? Thanks On Tue, Sep 28, 2010 at 8:30 AM, Esteban TALAVERA wrote

Re: Freeradius + EAP_TLS + Cisco AP

2010-09-28 Thread Esteban TALAVERA
I still can't find solution to my problem in documentation. The microsoft documentation refers to a XP SP2 issue, but I'm testing with XP SP3. I made my own CA certificate, I don't know if this is the problem. Someone can help me? Thanks On Fri, Sep 24, 2010 at 5:38 AM, Alan DeKok wrote: > E

Re: Freeradius + EAP_TLS + Cisco AP

2010-09-24 Thread Alan DeKok
Esteban TALAVERA wrote: > I configured a freeradius server with EAP_TLS to authenticate clients > that connects to Cisco AP. > > When I run freeradius -X I got a lot of activity output but the client > is still trying to authenticate Which says: > Sending Access-Challenge of id 51 to 192.168.X

Freeradius + EAP_TLS + Cisco AP

2010-09-23 Thread Esteban TALAVERA
Hi I configured a freeradius server with EAP_TLS to authenticate clients that connects to Cisco AP. When I run freeradius -X I got a lot of activity output but the client is still trying to authenticate I post last lines from the server's output I see the port of Access-request es 1645 but I di