Re: [PacketFence-users] 802.1x confiuration instructions

[Durand fabrice via PacketFence-users]

Hello Jake,

what sort of documentation you expect about production install ?

The install guide cover what you need to do for 802.1x 
https://packetfence.org/doc/PacketFence_Installation_Guide.html#_getting_started 
and it's what we do when we configure PacketFence for 802.1x.


Also for the certificate, is it for eap-peap or for eap-tls ?

For eap-peap then you need to change the file there 
https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/eap.conf.example#L180 
and there 
https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/eap.conf.example#L192


Btw you need to create the chained certificate and you can use this tool 
(bob.crt is your public key, server.pem is the chained certificate):


https://github.com/trimstray/sslmerge

# Clone this repository
git clone https://github.com/trimstray/sslmerge

# Go into the repository
cd sslmerge

# Install
./setup.sh install

sslmerge -i bob.crt  -o server.pem --with-root

Then define certificate_file = path_to_server.pem in your eap.conf file.

For eap-tls it's covert there 
https://packetfence.org/doc/PacketFence_Installation_Guide.html#_pki_integration


Regards
Fabrice



Le 2018-06-22 à 16:22, Sallee, Jake via PacketFence-users a écrit :

All:

The instructions for configuring 802.1x in the install guide are fine for 
testing but not really for a production install.

Are there any instructions on configuring a production 802.1x deployment?  I 
understand inverse can't talk about all the hundreds of different vendors, but 
it would be helpful if we could get some more detailed instructions for 
configuring the PF side of things.

I am trying to install new certs for our 802.1x deployment, any help is 
appreciated.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
WWW.UMHB.EDU

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] 802.1x confiuration instructions

[Sallee, Jake via PacketFence-users]

All:

The instructions for configuring 802.1x in the install guide are fine for 
testing but not really for a production install.

Are there any instructions on configuring a production 802.1x deployment?  I 
understand inverse can't talk about all the hundreds of different vendors, but 
it would be helpful if we could get some more detailed instructions for 
configuring the PF side of things.

I am trying to install new certs for our 802.1x deployment, any help is 
appreciated. 

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
WWW.UMHB.EDU

900 College St.
Belton, Texas
76513

Fone: 254-295-4658
Phax: 254-295-4221

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users