Re: EAP-TLS cert
Kwok Sianbin wrote: Now..I want to test connecting with Windows XP but I could not find root.der or cert-clt.p12 like previous version has. raddb/certs. Read eap.conf, too. It points to the location of the default certificates. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS cert
Hi, I've installed FreeRadius-2.0.4 and run fine. Here a few thing I had editted. Clients.conf client 192.168.0.0/24 { secret= testing123-1 shortname= private-network-1 } eap { default_eap_type= tls } tls { fragment_size=1024 include_lenght= yes } users MarsindNetCleartext_Password:= hello Reply-Message = Hello, %{User-Name} Now..I want to test connecting with Windows XP but I could not find root.der or cert-clt.p12 like previous version has. when you installed FR 2.0.x, if you did not supply your own certs, then the first thing it would have done upon running is create its own new ones. they'll be in $RADDB/certs - see the documentation for the files to use. if you DID let FR generate them, they'll be snakeoil dummy certs that only last 30 days. so you'll need to read the Makefile in the certs directory edit client.cnf and server.cnf appopriately and remake them(!) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS cert
Hi, I've installed FreeRadius-2.0.4 and run fine. Here a few thing I had editted. Clients.conf client 192.168.0.0/24 { secret= testing123-1 shortname= private-network-1 } eap { default_eap_type= tls } tls { fragment_size=1024 include_lenght= yes } users MarsindNetCleartext_Password:= hello Reply-Message = Hello, %{User-Name} Now..I want to test connecting with Windows XP but I could not find root.der or cert-clt.p12 like previous version has. What files should I copy and install into Windows XP as client certificate? Thanks in advance. Alan DeKok [EMAIL PROTECTED] wrote: Kwok Sianbin wrote: I am newbie to linux and recently I try to implement wireless connnection with EAP-TLS encryption. I am using Freeradius-1.1.7 installed into Red Hat Enterprise 4. You should really use 2.0.4. Here I encounter problems that I can't solve it alone hence I need advice guru from this forum. the problem is client just can't get connected and keep request. ... Sending Access-Challenge of id 15 to 192.168.0.206 port 1025 ... Going to the next request Waking up in 6 seconds... This is in the FAQ. It's also documented in the eap.conf file in 2.0.4. Here I post the CA.certs execution result as I suppect that the errors might be due to certificate error. When I run ./CA.certs and I got a few errors. 2.0.4 also contains new scripts for certificate creation. They're MUCH better than what's in 1.1.7. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html