Hi Guys,
I think this is an excellent tutorial for what he is trying to achieve.
http://www.howtoforge.com/wifi-authentication-accounting-with-freeradius-on-centos5
I've used this along with assistance from Ivan and have gotten everything I
wanted to work successfully.
Nik
Quoting Nicolas Boullis <[email protected]>:
Hi,
DISCLAIMER: I'm no Windows specialist.
john wrote:
I am having a hard time figuring out how to make this work. Where/how
does the cert get imported. Do I need to make a registry change in
KEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global
to make this work? I hope this is the part someone on the list will
have done before and be able to guide me or point me at a howto.
I had a hard time with this as well, and finally succeeded, using
Windows XP.
There are many points that matter:
* You have to edit your registry to add a "AuthMode" dword key in
KEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global
with value 2.
* You have to load your certificate and private key in the computer's
personal store. I did that with mmc.exe. Note that loading the
certificate and private key in a user's personal store and then
moving them to the computer's store did not work for me.
* Your certificate must have "X509v3 Extended Key Usage: TLS Web Client
Authentication" or Windows won't use it.
* The username Windows will use is the name in the certificate with
"host/" prepended.
Note that things are quite different with Windows Vista.
Hope this helps,
--
Nicolas Boullis
Ecole Centrale Paris
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Nik
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
