Sorry, I forgot the subject. Zheng, Jiajia wrote: > Hi, > I hope it is the right place to ask questions about EAP-TLS with > radius server. > I installed freeradius-2.1.6 rpm package on my Fedora 10 system. > EAP_PEAP, EAP_TTLS_CHAP, TTLS_MD5, TTLS_MSCHAP, etc. work fine. > However, EAP-TLS handshake failed. Here are my steps to implement > EAT-TLS with radius server. > 1. on server: yum install freeradius > 2. on server: cd /etc/raddb > 3. on server: edit users and clients.conf (see attachments) > 4. on server: radiusd -X > 5. I configured the AP which is wired connected to the server using > WPA-TKIP > 6. copy ca.pem from server to my wireless machine. > 6. I tried EAP_PEAP, EAP_TTLS_CHAP, TTLS_MD5, TTLS_MSCHAP on my > wireless machine, which all worked fine. > 7. on server: cd /etc/raddb/certs > 8. on server: make client.pem > 9. copy client.pem from server to my wireless machine > 10. run wpa_supplicant on my wireless machine: wpa_supplicant -Dwext > -iwlan0 -c WPA_EAP_TLS.conf WPA_EAP_TLS.conf as below, > ctrl_interface=/var/run/wpa_supplicant > ctrl_interface_group=wheel > network={ > ssid="ASUS-2.4G" > scan_ssid=1 > key_mgmt=WPA-EAP > eap=TLS > identity="root" > ca_cert="./ca.pem" > client_cert="./client.pem" > private_key="./client.pem" > private_key_passwd="whatever" > } > 11. EAP-TLS failed, see the attached tls.log for the output of radiusd > Could you help me out on this issue? > Is there anything I did wrong? Let me know if you need more debugging > info. > > Thanks, > jiajia
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html