In order for us to make it work, I had to setup a RADIUS (FreeRadius) server which uses FreeIPA as its backend. Our WiFi access point is configured to point to the RADIUS server. I had to make sure the AD trust package was installed on the FreeIPA server in order for the proper security features to work. We do not have SSL certs on our machine.
*Mike Plemmons | Senior DevOps Engineer | CrossChx* 614.427.2411 mike.plemm...@crosschx.com www.crosschx.com On Fri, Nov 10, 2017 at 11:07 AM, Andrew Meyer via FreeIPA-users < firstname.lastname@example.org> wrote: > So I was wondering if anyone has FreeIPA setup to do authentication with > wireless. We have an ArubaNetworks platform setup to do EAP-PEAP only > communicating back to the current OpenLDAP system, but would like to > migrate to FreeIPA. > > I was able to set this up using Meraki MR18s but I have to use a WPA2-PSK > (enterprise) with splash page in order to log into my FreeIPA system. I > don't know if I will have to put the password in again I am waiting until > tonight to test that. > > All of our laptops are Mac OS X running El Capitan and a few running High > Sierra (w/ all of them upgrading eventually). We have under 5 laptops > running Windows 7-10 and are mostly hard wired. > > The issue is that when I log into wireless using FreeIPA I get prompted > for a password. It gets added to the keychain but when I shutdown for the > night and come back in the next day it asks for the password again the next > day. > > While researching this issue I found that some people have put SSL > certificates on the machines. I don't want to create and enroll an SSL > cert for EACH user. I would like to get system-wide one deployed IF this > is the correct way to go. > > While this may sound like a ArubaNetworks wireless issue I wanted to pose > this question to the mailing list just in case there was a step I missed or > didn't do something that might have been documented somewhere and to see if > anyone else has had this issue. > > Thank you in advance! > > _______________________________________________ > FreeIPA-users mailing list -- email@example.com > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > >
_______________________________________________ FreeIPA-users mailing list -- firstname.lastname@example.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org