On 12/07/2011 08:37 AM, Michel Bulgado wrote:
On Wednesday 07 December 2011 01:26:08 Fajar A. Nugraha
wrote:
On Wed, Dec 7, 2011 at 1:15 PM,<[email protected]> wrote:
google search and it turns out all the variations I have
encountered are
implementing freeradius with PEAP TLS and mysql which
should generate
certificates and then configure the client and in turn install
these
certificates to the exchange between the server and client.
I was wondering, there is some other simpler way that does
not imply that
this set up or install certificates on the client side?
PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC, etc.
On these setup there's only one certificate: the server.
Depending on
your OS/supplicant, the client can be set up to ignore the
certificate
validation, or to have a pop up asking whether they trust the
server
certicate.
Note that the CLIENT choose which authentication method to
use. Setup
on NAS (i.e. access point) side is the same.
Well, I have several clients with different operating systems:
Windows,
Linux, Apple.
Something as simple as putting the username and password.
Once you get pass certificate trust issue, it's a matter of putting
username and password.
Hi Fajar
Thanks for reply me.
If PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC works with one
certificate on the side of the server, of the three methods what
you recomend me to use in the server?
Did you have a manual, doc, i can use to setting up the
authentication with freeradius with PEAP-TTLS or PEAP-MSCHAPv2
or PEAP-GTC and mysql?
Michel
At last!
Finally after much struggle, I configure freeradius with mysql to
authenticate wireless users.
EAP-TTLS
But another problem arises for me:
After the user to authenticate and connect to wireless, I noticed that
the table "RadAcct" was empty, probing the inner-tunnel file found this:
There are no accounting Requests inside of EAP-TTLS or PEAP tunnels.
What other variants, I can choose to run the accounting?
Ideas?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
